[Plugin: WordPress Firewall 2] Incompatibility with Minutes, Agendas and Newsletters plugin | WordPress.org

Alan Hadsell
(@ahadsell)

11 years, 9 months ago

The document upload of the subject plugin fails if the WordPress Firewall 2 plugin is installed in its default configuration. This is because the upload process specifies “&action=wp_handle_upload”, which is detected as a “WordPress-specific SQL Injection attack”.

You can work around the problem by whitelisting the “action” variable, or your source IP address, or by turning off the check for this specific kind of attack.

I have also reported this problem to the author of the Minutes, Agendas and Newsletters plugin.

http://wordpress.org/extend/plugins/wordpress-firewall-2/

Viewing 1 replies (of 1 total)

Thread Starter Alan Hadsell
(@ahadsell)

11 years, 9 months ago

This particular check seems prone to false positives. I have also seen a similar incompatibility with the Upload/Insert function of the post/page editor.

Viewing 1 replies (of 1 total)

The topic ‘[Plugin: WordPress Firewall 2] Incompatibility with Minutes, Agendas and Newsletters plugin’ is closed to new replies.

Tags

firewall

In: Plugins
1 reply
1 participant
Last reply from: Alan Hadsell
Last activity: 11 years, 9 months ago
Status: not resolved