Peter
Forum Replies Created
-
Forum: Plugins
In reply to: [Ultimate WP Mail] Cross Site Scripting (XSS)Thanks for the update!! However, I just received this about an open redirection:
Thanks again!!
Forum: Plugins
In reply to: [Ultimate WP Mail] Open Redirection VulnerabilityOk, thanks for your reply. Didn’t mean to bother you.
I appreciate it!!
Peter
Forum: Plugins
In reply to: [Ultimate WP Mail] Open Redirection VulnerabilityHi,
Just letting you know the same vulnerability still exists in the updated version 1.3.4
Thanks,
Peter
Hi again,
In the file um-filters-fields.php (ultimate-member/includes/core) in the section * URLs in textarea on line 264 I’d like to remove the added iframe code:
return ‘<iframe class=”um-textarea-html-value” onLoad=”UM.frontend.iframe.resize(this);” title=”‘ . esc_attr( $data[‘label’] ) . ‘” srcdoc=”‘ . wp_kses_post( esc_attr( $value ) ) . ‘”></iframe>’:
and revert it to return $value; like it was in v2.8.6 and earlier.
I don’t see a reason to open the textarea in an iframe and it has caused my members grief when they try adding styles to their links, etc that I have allowed them to do.
How can I can I go about doing this without changing the code in um-filters-fields.php as I would have to do it with every update and that is not a thing I relish doing each and every time?
Thanks again,
Peter
I’m sorry to say that the provided code did NOT return the iframe to the textarea when having the box checked “Does this textarea accept HTML?” only when using the textarea without HTML. This is not desirable as I need to use HTML in the textarea.
Any ideas?
Thanks,
Peter
- This reply was modified 1 year, 6 months ago by Peter.
This is happening because starting in version 2.8.7 for some reason the textarea has been changed to show in an iframe. If you revert to v 2.8.6 and test you will see what I’m saying. I’m having the same issue. You can’t style the content either since it’s in an iframe.
Just my 2 cents worth. Versions 2.8.7 and 2.8.8 changed to iframe for some strange reason on the part of the programers.
Peter
Forum: Plugins
In reply to: [Post Grid] Newest Update Breaks SiteFixed in newest version. Closing this
Any news on fixing this issue and updating?
Thanks
Forum: Plugins
In reply to: [Comments - wpDiscuz] Comments Not workingI have resolved the issue.
Thank you!!
Forum: Plugins
In reply to: [wpForo Forum] Broken Access Control vulnerabilityOk. Thank you for getting back about this. Very good to know!!
Hi,
Please update your plugin. I would hate to have to switch to another as yours is the best for me.
Thank you!!!
Forum: Plugins
In reply to: [Comments - wpDiscuz] Error when trying to commentThis has been resolved. It was a problem with user email.
Thank you and I apologize for any undue concern!!
Forum: Plugins
In reply to: [Comments - wpDiscuz] Error when trying to commentI think another plugin must be causing this. I downgraded wpdiscuz to 7.6.3 and still getting the same error. If I allow guests to comment, there is no error. The error is only for registered users it appears
Forum: Plugins
In reply to: [Comments - wpDiscuz] Error when trying to commentThank you for letting me know about update. However, this did not solve the problem I’m sorry to say.
Any other ideas?
Thank you