Hi @luckynasan,
I managed to sort it out by allowing the CloudFlare managed rule protection “XSS, HTML Injection – Script Tag”. The problem is that we end up being exposed while allowing to bypass this rule. Any chance that you can improve the plugin allowing us to be protected against this kind of injection?
Best!
Hi @luckynasan,
I’ve just checked the Setting and the WordPress Address (URL) and the Site Address (URL) is exactly the same: https://blog.mysite.com.br
Can it be related to the fact that we are using a subdomain?
