cbquest

Forum Replies Created

Viewing 4 replies - 1 through 4 (of 4 total)
  • Forum: Plugins
    In reply to: [Quiz Maker by AYS] Cannot Add Quiz – ModSecurity and XSS Injection?
    Thread Starter cbquest

    (@cbquest)

    3 months, 1 week ago

    Plugin Version 21.8.3.100
    PDF Addon Version 1.1.2
    PHP v8.2
    WordPress v6.9
    There is no security plugin on the WordPress but there is ModSecurity plugin on the server (cPanel). Even if I add an exception for quiz-maker URL, certificate generation fails at admin-ajax.php.

    I use OWASP ruleset in ModSecurity, and certificate preview button generates XSS Attack Detected via libinjection and 980130: Inbound Anomaly Score Exceeded (Total Inbound Score: 40 – SQLI=0,XSS=40,RFI=0,LFI=0,RCE=0,PHPI=0,HTTP=0,SESS=0): NoScript XSS InjectionChecker: HTML Injection

    I believe part of the problem is the text box with quiz description that has HTML tags like P

    Forum: Fixing WordPress
    In reply to: Restore 1000+ posts in trash quicker?
    Thread Starter cbquest

    (@cbquest)

    8 years, 8 months ago

    I know it’s not the ideal solution, but had to do this, seem to be OK:

    First, I retrieved all the IDs:

    SELECT ID from wp_posts where post_name in (comma seperated slugs here)

    Then updated posts, and deleted meta keys:

    UPDATE wp_posts SET post_status = ‘publish’, post_name = replace(post_name,’__trashed’)
    WHERE ID in (comma delimited Ids);

    DELETE FROM wp_postmeta where post_id in (Ids here) AND meta_key in (‘_wp_trash_meta_status’,’_wp_trash_meta_time’)

    Now, I am supposed to delete one more key and add another one, but I did not want to do an insert. These queries ran only few seconds for 600+ rows.

    Forum: Plugins
    In reply to: [WP Scroll Depth] Why is it trying to connect to cs.marinsm.com/mrin
    Thread Starter cbquest

    (@cbquest)

    8 years, 8 months ago

    I apologize, this was purely a coincidence.
    Another javascript was causing conflict and showing this error in the console only when this plugin was active. After some more testing finally I was able to see the error when the plugin is not active. Thank you for checking, and sorry for causing trouble.

    Forum: Plugins
    In reply to: [WP Scroll Depth] Why is it trying to connect to cs.marinsm.com/mrin
    Thread Starter cbquest

    (@cbquest)

    8 years, 8 months ago

    I know, I did the same, this doesn’t make sense.
    But I located a javascript tag on the site that might fire marinsm/prfct domains. However I am not sure why it is conflicting with this plugin. Maybe a coincidence. I need to test more.

Viewing 4 replies - 1 through 4 (of 4 total)