I am using wordfence (not sure if it’s interfering)
XMLHttpRequest cannot load https://xxx.com/wp-admin/admin-ajax.php. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://www.xxx.com’ is therefore not allowed access.
Simba TFA: AJAX error: : error
