Donncha O Caoimh (a11n)
Forum Replies Created
-
Forum: Plugins
In reply to: [Media Picker for Immich] Immich Media PickerThose are good ideas, and allowing the plugin to define the background colour of the album is worth adding too. Could you please create some issues for me in https://github.com/donnchawp/media-picker-for-immich/issues?q=sort%3Aupdated-desc+is%3Aissue+is%3Aopen+ so I don’t forget?
The refresh link isn’t shown to logged out users, but it’s a tiny useful way to clear that cache.
Forum: Plugins
In reply to: [Media Picker for Immich] Immich Media PickerJust tested it and it works well. Have to wait for the 5 minute TTL or click the Refresh link under the gallery if you have that setting enabled.
Forum: Plugins
In reply to: [Media Picker for Immich] Immich Media PickerGive the code changes in this PR a go. https://github.com/donnchawp/media-picker-for-immich/pull/30
I’ll test it on my own dev server later. Real life is getting in the way.
Forum: Plugins
In reply to: [Media Picker for Immich] Immich Media PickerThis plugin doesn’t fetch the EXIF description, only the filename, which is why you’re seeing that. I’m looking into fixing that (with Claude) and should have a PR you can test later.
It also caches items so any changes you make on the Immich side will be delayed unless you clear the cache. I regard that as a worthwhile trade-off. You don’t want to be hitting your Immich server the whole time.
Forum: Plugins
In reply to: [WP Super Cache] Plugin possibly exploitedThanks. Maybe it was a false positive then, but worth keeping an eye on, just in case. If you install the plugin again and a cached file is reported as suspicious it would be worth downloading it and examining it manually to figure out where the malicious code is.
Forum: Plugins
In reply to: [Media Picker for Immich] Immich Media PickerThere’s no option to set the background colour but if you drop this in Appearance -> Customize -> Additional CSS (or your theme’s custom CSS), this should work:
.immich-lightbox,
.immich-album-overlay {
background: #000;
}Forum: Plugins
In reply to: [Media Picker for Immich] Immich Media PickerI just tagged version 0.2.0 if the plugin with loads of new features, including updates to the picker. It will hopefully look better for you now.
Forum: Plugins
In reply to: [WP Super Cache] Plugin possibly exploitedTwo to choose from are Jetpack Scan or Wordfence but I’m not familiar with others.
It may well be that Malcare detected a false positive in the cached pages. If you downloaded them before deleting them, maybe you can look at what was causing the problem.
Forum: Plugins
In reply to: [WP Super Cache] Plugin possibly exploited@boardboss – unfortunately the exploit is in another plugin and WP Super Cache was caching the pages on your site that had the malicious code embedded in them. Your malware scanner picked up that code in the html pages.
Get your malware scanner to scan your other plugins and code as it’s still on your site, hiding away. 🙁
Forum: Plugins
In reply to: [WP Job Manager] Vulnerable on Current Version – 2.4.1@emgb_520 your first comment was probably flagged because you left only a link. I’ve contacted Wordfence to ask them to remove that report. Just waiting on them to update their website.
- This reply was modified 1 month ago by Donncha O Caoimh (a11n).
Forum: Plugins
In reply to: [WP Super Cache] Persistent notificationThat’s what I’m talking about too. When you cloned your site the WPCACHEHOME was incorrectly set, possibly. That’s why I asked you to do those things.
I think the simplest way to fix it is by uninstalling WP Super Cache from your site and then installing it again. That will set it up with the right settings for your particular site.
Forum: Plugins
In reply to: [WP Job Manager] Broken Access Control vulnerabilityI’d love to get some feedback on that PR if you can help test it, @pineapplepalm. I did a few hours of work on it today, but there are many more plugin check issues to fix too, if you can lend a hand to make it better.
Forum: Plugins
In reply to: [WP Super Cache] Persistent notificationIs your wp-config.php writeable by the webserver? I think this is happening because you cloned your site, and paths differ.
Open up wp-config.php and check “WPCACHEHOME”. Is the path to the wp-super-cache directory correct for your staging server?
What’s happening is that there’s something suspicious on your website, probably malware unfortunately. It only sometimes triggers and can hide itself from Wordfence. But when it triggers, WP Super Cache caches the page and then Wordfence detects the malicious script in the cached page.
Did you examine the files? If you have a copy of one of those files, look for the malicious script in the file and then search online for it. You’ll probably find out how to remove it.
Or use something like Jetpack Scan to clean your site.
Forum: Plugins
In reply to: [WP Job Manager] Any intent on a sucurity update?I contacted Wordfence and asked them to remove the vulnerability report they have. Hopefully they do it soon.