des2019
Forum Replies Created
-
Thank you for letting me know that it’s not an issue. As you can see from my last post, I was in the process of reinstalling on all sites I maintain. Now that you’ve clarified that it’s nothing to worry about, I’m not going to do the reinstall on the rest of the sites. I’m guessing that warning will automatically go away with your next plugin update.
I found a way to resolve this issue. I’ve tried it out on 4 different sites, so far, and each time I ran another scan the file no longer shows up as being changed.
Sidebar: On every site I’ve tested this out on Wordfence was taking a MUCH longer time than usual to run a scan and often put up a notice about not being able to complete the scan. Be that as it may, the file change notice did not come up.
Here’s what worked for me:
- Deactivate and then Delete WP-Optimize.
- Reinstall and activate it. Ignore that Set Up wizard and scroll down to EXIT SETUP.
You may need to check your settings after you reactivate the plugin. Run a scan.
Hi,
Not since a couple of weeks ago when 4.4.0 was released. I didn’t see the file change notice notice in Wordfence until a couple of days ago, when I posted my question here. The Original version of the file is extremely long and shows a lot of info about Yoast SEO, WooCommerce order forms, Events Calendar, Adwords conversions… and the list goes on and on. The Modified version is completely blank.
Forum: Plugins
In reply to: [Tealium] XSS WarningThank you for all of your help! In the end, we decided to place the Tealium tag in the functions file and remove the plugin.
Forum: Plugins
In reply to: [Tealium] XSS WarningAs mentioned, the plugin upgrade crashed the website. I had to deactivate the plugin via FTP, then rollback to the previous version 2.1.17.
Forum: Plugins
In reply to: [Tealium] XSS WarningI just updated the plugin and it crashed the website: There has been a critical error on this website.
Forum: Plugins
In reply to: [Tealium] XSS WarningHi,
To be sure I’m understanding this upgrade: It will only solve the security problem if I do the upgrade AND also disable the template file editor in your wp-config file?
Forum: Plugins
In reply to: [Tealium] XSS WarningHi,
Thank you for your detailed explanation!
The plugin was installed by the marketing company. I checked the settings at they’re not using the Advanced Tag Code section. I’m going to find out if they can provide me with a conversion tracking code that I can manually place into the header or footer.
Too bad there’s no way for you to patch the security risk so that Wordfence stops putting up that warning.
Forum: Plugins
In reply to: [Tealium] XSS WarningHi,
Are you working on a patch for this, or should I delete this plugin?
Forum: Plugins
In reply to: [Tealium] XSS WarningAs of this morning, this is now being picked up by Wordfence.
Forum: Plugins
In reply to: [Tealium] XSS WarningI appreciate your looking into this; Thank you!
Forum: Plugins
In reply to: [Tealium] XSS WarningHi,
Here’s where the notice is posted: https://patchstack.com/database/wordpress/plugin/tealium/vulnerability/wordpress-tealium-plugin-2-1-17-cross-site-scripting-xss-vulnerability?_a_id=350
What puzzles me most is that Wordfence makes no mention of this vulnerability, and I haven’t been able to find anything about it other than what Patch Stack is showing.
Closing out this thread as it appears that I MAY have FINALLY solved the problem.
Deleting this comment until after I run a few more tests.
- This reply was modified 11 months, 4 weeks ago by des2019. Reason: Running additional testing
Hi Ralden,
Thank you! I’ve been trying everything I can think of, and clearing cache after every change, and still get the error message. https://growingroots.com/long-beach-thousand-oaks-interior-plants/