Plugin auto-updated and causing critical error

  • Resolved askvaram

    (@askvaram)


    2 months, 2 weeks ago

    Hello Team,

    One of my websites is using your UPI QR Payments plugin.

    Recently, the plugin was updated automatically, even though auto-updates were disabled in WordPress. Soon after this update, my website started showing an intermittent WordPress critical error (admin-side and sometimes on page load).

    To restore stability, I temporarily downgraded the plugin to version 1.3.6, after which the website is working normally.

    Could you please help confirm the following:

    1. Was the recent update forced or security-related from your side?
    2. Is the latest version fully compatible with PHP 8.1?
    3. Is it safe to temporarily use version 1.3.6, or does it contain any known security vulnerabilities?
    4. Do you recommend PHP 8.0 for stable operation with the latest plugin version?
    5. Are you aware of any conflicts with other plugins or WordPress versions?

    I want to ensure both security and stability, especially since this is a payment-related plugin.

    Looking forward to your guidance.

    Thank you,

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor Gautam Garg

    (@gautammkgarg)

    2 months, 2 weeks ago

    Hello
    1. Yes, a researcher reported a security issue in the plugin, we have patched it and requested WordPress plugins team to forcefully update the plugin on the websites who have not manually done it.
    2. Yes, Latest version is compatible with PHP 8.1 and PHP 8.2. We have tested it with PHP 8.4 also.
    3. No, It’s not safe to use 1.3.6, this version is more than 2 years and 6 months old, and have security issues.
    4. You recommend PHP version 8.0 or above.
    5. No, we are not aware of any conflict.

    If you are getting WordPress critical error while using latest version of plugin, kindly share the error logs in which we can see the fatal error. Kindly ensure that you mask the confidential/private details before sharing the logs.

    Plugin Contributor Gautam Garg

    (@gautammkgarg)

    2 months, 2 weeks ago

    Thanks for sharing the error logs or email. After reviewing the error logs we found that the issue was at “Notifier for Phone” plugin. This plugin was trying to access a protected property of one of our class. Ideally they should not access that property because that is of no use to them. But to make it compatible, we have make the property public because making it public was not causing any issue to our plugin.

    Kindly update our plugin to v1.6.2. It will resolve the issue for you.

    Let us know if you still need any help.

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.