Richzendy

Thanks for your quick response, but i think is not a only contributor access, an attacker took advantage of this vulnerability and contaminated all the php sites on my VPS with cryptocurrency mining malware and redirecting my sites to advertising pages.

With removing the plugin and clean my vps, all come back to normally.

Yes, but in private, you need to make login to see the bot

I’m using the free trial but I’m only spend $0.08 from 18 $USD, I have balance.

Hi! thanks a lot, i’m glad to hear about this, have a nice day, i’m trying later upgrade the plugin and test this.

To all with the same problem, use “core rollback” to downgrade wordpress to 6.X or before version and use this plugin, later you can update your wordpress to the last version and that’s all.

• This reply was modified 3 years, 11 months ago by Richzendy.

Hi! Sorry about delay.

Yes the lat and long on the areas was missing.

Are working now.

Thank you so much.

Thanks for your response.

Yes i can disable but just a few moment because is a production site, but that was tested before and without minify is the same problem.

these are my locations: https://imgur.com/a/TRJfQ5W

location;area;lat, long
Usulután;Usulután;13.345322, -88.442741
Soyapango;San Salvador;13.703791, -89.150848
Sonsonate;Sonsonate;13.731905, -89.715675
Sensuntepeque;Caba?as;13.87737, -88.62677
Santiago de María;Usulután;13.484374, -88.466194
San Vicente;San Vicente;13.642351, -88.78949
San Miguel;San Miguel;13.483826, -88.178581
San Francisco Gotera;Morazán;13.696735, -88.102356
Lourdes;La Libertad;13.742669, -89.361893
Cojutepeque;Cuscatlán;13.720723, -88.933975
La Unión;La Unión;13.336975, -87.845055
Chalatenango;Chalatenango;14.039439, -88.938202
Apopa;Apopa;13.791298, -89.174623
Ahuachapán;Ahuachapán;13.920203, -89.844963
Santa Tecla;Santa Tecla;13.673754, -89.289185
Centro San Salvador;Centro San Salvador;13.698091, -89.189512
San Salvador – CC Galerías;San Salvador;13.702341, -89.229042
Santa Ana;Santa Ana;13.984271, -89.566856
Zacatecoluca;La Paz;13.507725, -88.87104
Mejicanos;San Salvador;13.730219, -89.221742

Well, i’ve found the problem, when i switch to wp-supercache mode on wordops, some rule on nginx give me the problem, switch to normal wordpress mode show the invoice page as is expected.

The same here, on my dev environment is working ( Varying Vagrant Vagrants ) , but on production is not showing and i don’t have any error on my logs, i’m using wordops environment with php72, was tested with php73 and the same behavior

• This reply was modified 4 years, 8 months ago by Richzendy.

Thank you @kimso, you save me a lot of time!

Thank you for your feedback, i’ll to check this

The error looks like a bug detecting if contactform7 plugin it’s installed, if you make this:

function nocaptchagcaptcha_plugins_loaded() {

    if(!is_cf7_active()){

instead

function nocaptchagcaptcha_plugins_loaded() {

    if(is_cf7_active()){

The captcha it’s loaded correctly

false alarm, you can’t get $posted_data with new params added on wpcf7_before_send_mail from the wpcf7_skip_mail filter

Fixed, the filter function:

function my_skip_mail($f){
    if( $posted_data["skip_mail"] == 'true' ){
        return true; // DO NOT SEND E-MAIL
    }
}

you don’t need:

$submission = WPCF7_Submission::get_instance();
    $posted_data = $submission->get_posted_data();

If you use that, $posted_data will be rewrited and you lose the skip_mail key on the array.

Ok, on the last CF7 version the filter works (i had the 3.9.1 version), this code works now:

add_filter('wpcf7_skip_mail','my_skip_mail');

function my_skip_mail($f){
$submission = WPCF7_Submission::get_instance();
return true;
}

and the email is not sent, but i have a function to the action wpcf7_before_send_mail, before i was using in this function:

$posted_data->skip_mail = true;

to block the email sent, but now how i can make use to the new filter?

if i do in my wpcf7_before_send_mail function:

$posted_data["skip_mail"] = true;

and in the filter i do:

function my_skip_mail($f){
    $submission = WPCF7_Submission::get_instance();
    $posted_data = $submission->get_posted_data();
    ob_start();                // start buffer capture
    var_dump( $posted_data );      // dump the values
    $contents = ob_get_contents(); // put the buffer into a variable
    ob_end_clean();                // end capture
    error_log( $contents );        // log contents of the result of var_dump( $object )
    if( $posted_data["skip_mail"] == 'true' ){
        return true; // DO NOT SEND E-MAIL
    }
}

On the error_log file the content of $posted_data don’t have the skip_mail element and i can’t compare anything to block the email sending.