todditron

Very good, thank you

I got it all sorted by just building out the import template manually (fortunately jobs manager uses all native WP structures, so that seemed to work fine). But when I first ran the import using this plugin, it didn’t have any of the image options (other than a url), so we couldn’t tell it what to try to match existing by (I usually say match by filename), so I think that may have resulted in multiple images being created since the same images were referenced by multiple job listings on the source data. That or with all the rollbacks I just messed something up. Regardless, something to keep an eye on. Thanks

Same issue. Just hopping on the thread so I hear about any fixes

Yeah, we ran into this issue as well. Blank submissions start scoring as 100% correct. Fortunately, we were able to catch it before we deployed to production, but this would have been a pretty catastrophic failure had it gone out to students in a live site.

Same error here when I attempt update in local (WP 5.8) or staging environment (WP 5.7.2).

WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 for query INSERT INTO wp_mlw_question_terms (question_id, quiz_id, term_id, taxonomy) VALUES made by do_action('wp_ajax_enable_multiple_categories'), WP_Hook->do_action, WP_Hook->apply_filters, QSM_Migrate-

Not resolved, still broken

Yeah, makes sense. I figured the titles should be the same, but I guess there are scenarios where this would be the desired behavior.

Thanks a bunch

I am using WPengine’s built-in cloning system, copying the entire site from production -> staging environment, for example.

https://wpengine.com/support/copy-site/
(I am copying the filesystem and database when I do this)

Then, when I first visit the destination site, I get that error.

I have to login in recovery mode, deactivate, then reactivate the plugin to get the site running again.

Not an enormous problem now that I understand it, but impede our workflow a bit.

I believe the same thing happens when we pull down a fresh copy of the site into local environment, but haven’t done that for a while, so can’t say for sure

Based on my understanding, you should be fine. It should be a valid password reset link in these emails.

You only get in trouble if you happen to reply to the email, thereby delivering the password reset link to the hackers themselves.

@rsm-support ‘UseCanonicalName’ config crashed the site, the WP-SpamShield broke some of the Angular-powered AJAX forms (even with the general form protection disabled).
From everything I read about the plugin, it seems like a good one and my issue should not reflect badly upon it. We just are working with monstrous Frankenstein-like abomination of a site that we inherited from another developer. My guess is the plugin would work great on any site that vaguely resembled a traditional WordPress site.

Ah, I didn’t catch that autoresponders do not generally include original email. Sounds like they are also looking for bounced messages too. Those would be much more rare, and I guess that is WP team isn’t as concerned with patching this quickly.

For the record, I ended up going with a PHP script in functions.php to hardcode the reply-to email:

add_filter( 'wp_mail_from', function( $from_email ) { return '[email protected]'; } );

The ‘UseCanonicalName fix’ and ‘WP-SpamShield Plugin fix’ crashed this particular site, which has a huge amount of preexisting custom code and unique server configurations. I don’t think the PHP technique will stop the emails, but it should render them harmless.

Client is now getting the fraudulent password resets from ‘[email protected]’

Has anybody figured out what would actually happen if one were to click on a link? The links seem totally correct, same structure as a legit password recovery links. Seems like the spammers could only do something nefarious from them if your site were actually hacked already.

I suppose this could just be a trial phishing run, maybe they will swap out malware links later.

I have a client who is also receiving (unsolicited) password reset emails from that address. (I am looking into the headers to try to figure out if it originated from our server or not.)

If this were a phishing attack, wouldn’t the reset links go somewhere else? My concern is the password reset links look correct. So if this is spam/phishing, what is the purpose? If not, how did that email address get in there? And why are these emails being triggered?

This caused me a bit of head-scratching until I too discovered those extra spaces.

It has to be a bug.

(Very useful plugin though.)