fullworks

Ideally you should upgrade to at least php 5.5.

Being on an unsupported version of php is a security risk for you.

Correct, this code wont work on PHP 5.3 or earlier.

PHP 5.3 is a non supported version of PHP and hasn’t been since mid 2014 and has outstanding security vulnerabilities, so I recommend you upgrade to a supported version.

https://php.net/supported-versions.php

You are welcome

No problem, and sorry for the inconvenience.

1.3.7 has been recoded to allow obsolete PHP 5.4 to work. Let me know if you see any issues.

I would say, as well as keeping plugins & wordpress up to date for security reasons, its a good idea to keep your operating system upto to at least supported revision. see https://php.net/supported-versions.php

OK, firstly 5.4 was end of life quite a while ago, but I will take a look. Amazing that host still run end of life PHP with unfixed vulnerabilities.

It definitely is an issue with PHP prior to 5.5

1.3.6 released – should fix your issue – let me know, sorry for any inconvenience thanks.

Hi,

Can you give me a little more detail on versions
1. version of wordpress
2. version of php

If you have a development site I can access that has this problem, can I take look?

Meanwhile I will investigate with the info you have given.

As I haven’t heard back I assume you have sorted this.

I believe this is resolved in the current release

New release ow using REQUEST

New release should have removed bypasses

New release, the undefined index should have gone.

Thanks Ollie,

I’m just wondering if it could be simplified further to remove the preg matches? As the $_POST check was added ‘later’ once WP-SCAN found a way around this plugin using POST. Perhaps it can be done with REQUEST.

Alan

Thanks Ollie,

I’m just wondering if it could be simplified further to remove the preg matches? As the $_POST check was added ‘later’ once WP-SCAN found a way around this plugin using POST. Perhaps it can be done with REQUEST.

Alan