jsvini's Replies | ww.wp.xz.cn

Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)

Forum: Plugins
In reply to: [Flexible Product Fields (WooCommerce Product Addons) - WooCommerce Product Page Editor] E_WARNING: Invalid argument supplied for foreach()

Thread Starter jsvini
(@jsvini)

6 years ago

Hi @martapaw

I did a little digging and was able reproduce this warning, this happens when you create a product field with ‘Assign this group to’ = Product and leave the ‘Select products’ field empty.

I think that the foreach bellow don’t validate if the $products variable is iterable.

https://plugins.trac.ww.wp.xz.cn/browser/flexible-product-fields/tags/1.2.18/classes/fpf-rest-api-fields.php#L73

Forum: Plugins
In reply to: [Advanced Woo Search - Product Search for WooCommerce] SQL query leak

Thread Starter jsvini
(@jsvini)

6 years, 1 month ago

@alejorostata yes it is enabled by default.

@mihail-barinov this is a security and performance issue.

Since this plugin have 40,000+ active installations a CVE ID has been assigned to track this vulnerability: CVE-2020-12070

Viewing 2 replies - 1 through 2 (of 2 total)