webvitaly

Page-List works properly with 8.1 and I think it should work properly with 8.2 and 8.3.
If you will have any issues please reply here and I will try to help.

Kind regards,
Vitaly

Hi @saskiaherm

Unfortunately this plugin cannot bypass Safari iframe issue. The iframe plugin is just a wrapper around regular html iframe tag.

Kind regards,
Vitalii

Hi @manjas

Plugin is maintained and tested with latest version of WordPress. I bumped the WordPress version to remove the warning.

Kind regards,
Webvitalii

Hi @medialps

You already can use this param in the iframe shortcode:

[iframe src="https://www.youtube.com/embed/dUpTjDqjQoo" width="100%" height="500" loading="lazy"]

Hi @originalbee and @eventermom

The vulnerability is fixed.

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/iframe

Please let me know if anything.

Kind regards,
Vitaly

Hi @eventermom

Thank you for your input. For some reason I did not get the latest Wordfence/patchstack report reported. Only the previous ones. And for some reason there were not so much details how to reproduce it.

I tried my best to do the update based on my best judgement. Hopefully that I was correct and I patched the vulnerability the reporter had in mind.

Please let me know if you got any other feedback.

Kind regards,
Vitaly

Hi @originalbee

The XSS Vulnerability was fixed shortly after it was reported.

So you may enable the plugin.

Kind regards,
Vitaly

Hi @w-prog,

You need to write this in the “Advanced Iframe” plugin page

https://en-ca.www.ads-software.com/plugins/advanced-iframe/

Kind regards,
Webvitaly

Hi @speleo

Thank you very much for your feedback. I released new version with the provided fix. Please let me know if that works good now.

Kind regards,
Webvitaly

Hi @bezemerjoni,

I think you need to post your question here:

https://www.ads-software.com/support/plugin/google-site-kit/

Kind regards,
Webvitaly

Hi @wklauser,

That is a good question why it was working before and stopped now. I don’t know the answer for this one. Please let me know if you will find out the reason for that later.

<iframe 0="height='480'&nbsp;src='https://k3d.fi?m=ewXFcT8t4Jk'&nbsp;frameborder='0'" allow="fullscreen" scrolling="no" src="https://www.youtube.com/embed/dUpTjDqjQoo" class="iframe-class" frameborder="0" style="display: block; margin-left: auto; margin-right: auto; max-height: 499px; width: 757px; height: 65.9181vw; max-width: 100%;"></iframe>

Hi @wklauser
The plugin is not hacked.
As you can see from the inserted code the params got parsed incorectly.
Try to re-type iframe params to fix your issue.

Let me know if any additional questions.

I can see that the shortcode is working now. I will try to make it easier to work in future.

Hi @wklauser,

No, iframe plugin is not hacked. Seems like the shortcode was corrupted in the html/text editor. Try to re-type/fix the shortcode. Right now the output html looks like this and it is easy to spot the issue here:

<iframe 0="height='480'&nbsp;src='https://k3d.fi?m=ewXFcT8t4Jk'&nbsp;frameborder='0'" allow="fullscreen" scrolling="no" src="https://www.youtube.com/embed/mOOClonYKmc" class="iframe-class" frameborder="0" style="display: block; margin-left: auto; margin-right: auto; max-height: 499px; width: 757px; height: 65.9181vw; max-width: 100%;"></iframe>

Since the plugin cannot get the src from the corrupted params the default URL is used.

Please let me know if any additional questions.

I think that is not possible with html iframe element.