Farbweiss
Forum Replies Created
-
Forum: Plugins
In reply to: [Banner Management For WooCommerce] Possible Bug in Version 1.1.1. No sure if they were 100% this plugins fault, but the problem was with wbm_banner_image.
Yes it was the plugins fault. See: https://labs.threatpress.com/unauthenticated-settings-change-vulnerability-in-woocommerce-category-banner-management-plugin/
There were some fixes in v1.1.1 and in the changelog the plugin author wrote about the security issues:
= 1.1.1 – 29.05.2018 =
* Fixed vulnerable code issue
* Compatible with WordPress 4.9.x and WooCommerce 3.4.xNow the changelog is “clean”. I have no idea why the plugin author is trying to hide this problem, because (if the wordpress stats are right) nearly 40% of installations is below 1.1 and facing security issues.
Forum: Plugins
In reply to: [Banner Management For WooCommerce] warning – SPAM SPAMCan you please provide us a screenshot of the issue which you are facing. Because for the first time we have faced this type of issue.
Why are telling that this is new to you? You have been told about the security problems some time ago!
https://blog.threatpress.com/vulnerable-wordpress-plugins-multidots/In the changelog of version 1.1.1 of this plugin you wrote:
——————————–
= 1.1.1 – 29.05.2018 =
* Fixed vulnerable code issue
* Compatible with WordPress 4.9.x and WooCommerce 3.4.x
——————————–Now this info is gone in latest version 1.1.2.
this is the “clean” changelog now…
——————————–
1.1.2 β 19.06.2018
Normal Bug Fix
1.1.1 β 29.05.2018
Normal Bug Fix
——————————–
This does not help people! You should tell about the problems the plugin had, provide a fix and give people a change to update to latest versions. Do not try to HIDE serious security issues! Because this only raises distrust.The exploit is out there and is IN USE. https://labs.threatpress.com/unauthenticated-settings-change-vulnerability-in-woocommerce-category-banner-management-plugin/
Forum: Plugins
In reply to: [WP YouTube Lyte] Great Update – 1.7.2 / CSS Class for Text maybe?Cool, thank you so much! Have a great week π
Forum: Plugins
In reply to: [WP YouTube Lyte] Great Update – 1.7.2 / CSS Class for Text maybe?Yes it does. But the class is used for the output of the option: “watch this video on youtube”, too. So if you have both active (like I did on one blog), you can not style them separately. Like “watch this video on youtube” –> text-align:center and the message “This site uses WP YouTube Lyte to embed …” with text-align:left
You see what I mean?
Forum: Plugins
In reply to: [EU Cookie Law for GDPR/CCPA] Message does not disappear now with upgradeSame problem. Worked with Comet Cache in v2.8.5 – now in 3.0 it does not get away if pressed OK.
Forum: Plugins
In reply to: [EU Cookie Law for GDPR/CCPA] Accept button doesn’t workI have the same problem. Reverted back to 2.85. Was using Comet Cache. It works with 2.8.5.
Please fix this bug. Thank you π
Forum: Plugins
In reply to: [SVG Support] Latest Version (v2.3.14) does not work with Astra Theme!Thank you very much. Regarding the php warnings (if using an SVG in Image widget)… I was able to get around this by leaving the image size empty. So go to image settings, choose “individual size” und leave both (height / width) empty. Save the widget. Then the error is not there. Of course you need an extra CSS styling for this now – so to set height and width correct π
Anyway I wish you good luck with the problem! Have a nice day.Forum: Plugins
In reply to: [Antispam Bee] Doesn’t work with thrive comments@alexanderhammerschmied –> have you got a response from Thrivethemes? I asked them about this, and all I got was a link to this page: https://thrivethemes.com/tkb_item/how-are-bugs-and-feature-requests-logged-and-released/
Not really helpful π
Hey Jody, thanks for your effort. I just installed a fresh WP with only Twentyseventeen Theme plus wp-disable plugin active – nothing else.
Still get the problems in customizer (huge Icons) if I have checked “Disable Dashicons when user disables admin toolbar when viewing site”.
So I just might end up in not checking this until page is finished and nobody needs to go into the customizer πI first came across with Astra Theme, but it is also the same with WP “Twentyseventeen”.
Here is a screenshot: https://prnt.sc/gi8ry1- This reply was modified 8 years, 8 months ago by Farbweiss.
Hello again π
I have the same problem now on another website. I am not really sure, but either it is the caching (comet cache) or active firewall on a page with caldera forms.
If I want to exclude a page / usage of the form, what do I have to enter in WAF – if the webform on this page?
https://domain.ltd/contactform/? Thanks and Regards,
ManuelForum: Plugins
In reply to: [WP-SpamShield] Too many warning in error log!@abigailm : Thanks for the hint with plugin version number. Actually I did it like you said, but I just entered 1.9.9.8.6 – so I got the latest 1.9.9.8.7 on autopilot. Even more interesting, the 1.9.9.8.6 was overwritten on another blog. That version crashed the backend of that blog (I havenΒ΄t had the problem we all had with THAT installation). So I renamed the plugin via ftp and I was able to get back into the admin. Than I updated via ftp to latest 1.9.9.8.7. It works now.
So, I disabled auto-update via plugin setting. I can understand the arguments why RSMG made it that way – but this event showed me, that it is better (for me and my installations) if I am able to perform the updates by myself! Because I have customer blogs that have a lot of traffic, and I donΒ΄t want them crashing and get to know that maybe hours or days later…
- This reply was modified 9 years, 4 months ago by Farbweiss.
Forum: Plugins
In reply to: [WP-SpamShield] Too many warning in error log!@ Abigailm : Short question – how did you disabled the automatic updates? I just downloaded the old 1.9.9.8.1 and want to wait until the things are settled until I will allow further updates.
Thanks!Forum: Plugins
In reply to: [WP-SpamShield] Error activating pluginI have the same problems with latest version. After activation I get nice errors thrown out on the frontend:
Warning: preg_match(): Delimiter must not be alphanumeric or backslash in xxx/wp-content/plugins/wp-spamshield/includes/class.utils.php on line 665
Warning: preg_match(): No ending delimiter ‘~’ found in xxx/wp-spamshield/includes/class.utils.php on line 665
Warning: preg_match(): Delimiter must not be alphanumeric or backslash in xxx/wp-content/plugins/wp-spamshield/includes/class.utils.php on line 665
Warning: preg_match(): No ending delimiter ‘~’ found in xxx/wp-content/plugins/wp-spamshield/includes/class.utils.php on line 665
Warning: preg_match(): Delimiter must not be alphanumeric or backslash in xxx/wp-content/plugins/wp-spamshield/includes/class.utils.php on line 665
I used the forms on : https://www.redsandmarketing.com/plugins/wp-spamshield/support/ –> you should do the same.
I hope there will be a fix soon. Until than I have to disable the plugin.
Ok, in latest version 1.4.4.1 itΒ΄s working again.
Caldera Forms 1.4.4.1 ( November 11, 2016 )
FIXED: Missing CSS that caused the date and color picker fields to not work.Thank you for quick bugfixing π