Malae
Forum Replies Created
-
Forum: Plugins
In reply to: [FancyBox for WordPress] Captions content changedHello Silkalns,
Thank you for your advice about the new update. I installed version 3.3.7 and have added a screenshot (bottom).
https://imgur.com/a/DGwny9O
No other changes were made. The caption is not as scrambled and does not overlap the image, but coding is still inserted with the caption.Forum: Plugins
In reply to: [FancyBox for WordPress] Captions content changedHello Beatrice,
Thank you for your reply. Your prompt attention is much appreciated.
Forum: Plugins
In reply to: [FancyBox for WordPress] Captions content changedHello Beatrice,
Please find screenshots of the relevant settings pages.
https://imgur.com/a/DGwny9O
No changes were made before or after updating to ver. 3.3.6 or reverting to ver. 3.3.5.Forum: Plugins
In reply to: [FancyBox for WordPress] Captions content changedI was unable to continue checking yesterday and only solved the Health Check Troubleshooting issue. I found that the issue was caused by something in the CSP headers, which I disabled. After that I reinstalled the Health Check plugin and was able to deactivate the Troubleshooting mode. and the site was back to normal.
Today I took the site offline and, without the Health Check plugin, disabled all the plugins except for Fancybox. I checked version 3.3.6 with the Twenty Thirteen theme with and without the child and also the Twenty Nineteen and Twenty Twenty Five themes. All displayed the scrambled captions as in the screenshot. I also tested with and without the Classic Editor. Rolling back to version 3.3.5, all captions were normal. These tests were done both with and without the CSP Security Headers installed.Forum: Plugins
In reply to: [FancyBox for WordPress] Captions content changedHello Beatrice,
Thank you for your prompt reply. For the record I have WordPress 6.8.1 with PHP 8.3 and use the Firefox browser. I also have a very different site, but with the same theme, which has the same caption problems with Fancybox.. The theme is Twenty Thirteen, which was the latest theme when I first built the sites. I have a child theme and also keep Twenty Nineteen installed (not activated) ready for occasions such as this.I followed your suggestions and, on clicking images with Twenty Nineteen installed, they all displayed with no captions. This was also the case if I switched to Twenty Thirteen or Twenty Twenty Five themes. Only the Fancybox ver. 3.3.6 plugin was installed and the browser cache was cleared after every change.
After the above checking, I tried to disable the Troubleshooting mode, but after many tries and clearing browser caches I gave up and deleted the Health Check plugin using FTP. To my surprise, even after clearing the server cache, there was no change on the page and Health Check Troubleshooting remains active on the page and the site is displaying normally on an Edge browser. Searching this on Google I found that others had faced this strange issue and some also still facing the problem after deleting the Health Check plugin using FTP.
Thank you for your prompt response. The plug in is good at preventing downloading and copying from the most commonly used browsers, but Edge is the exception and is the default browser on all Windows devices. This means that a majority of computer users can easily bypass the protection given by the plugin.
I have tried without success to apply CSS to the fix the issue, which is very important. May I suggest that you prioritise finding a solution, because, without it, the plugin as it is now is only a partial deterrent.
- This reply was modified 1 year, 1 month ago by Malae.
Forum: Plugins
In reply to: [HTTP Security Header] Custom SettingsSorry for the duplicate posting. I had opened another tab to check some information and the Support page had gone when I returned to finish editing it, so I did NOT summit it and had to write the posting again. Surprised to find the duplicate today.
I also found I cannot addmaster-onlyto theX-Permitted-Cross-Domain-Policiesand it would not save a custom entry for thePermissions-Policy.
Should I be able to temporarily disable the plugin without uninstalling by clicking the Disable All Headers button. At present it does not seem to work.Forum: Plugins
In reply to: [Disable Lazy Load] Not workingHello Sachyya,
Thank you for your prompt response. I appreciate the screenshots that showed what I had been looking for. The check boxes are now visible. I had been previously been adding CSP security headers, which may have been the cause of their being missing.
Forum: Plugins
In reply to: [Simple Basic Contact Form] Not Compitable with WP 6.8Do not have any problems with sending mail, but have the Doing it Wrong message and the PHP Notice:
Function _load_text domain_just_in_time was called incorrectly, floods the wp-debug.log file making it very difficult to do any development on sites.Forum: Plugins
In reply to: [Abdal Security Headers] Cannot saveFurther to my earlier posting, I assume from the original release date, that this plugin has been recently resurrected, but it seems to run ok with PHP 8.3. However, I checked the code and changed line 47 from
dirname(plugin_basename(__FILE__)) . '/languages/'
todirname((string) plugin_basename(__FILE__)) . '/languages/'
This seems to have fixed the saving issue.On running the plugin I found that it is not implementing the following:
Strict-Transport-SecurityX-Content-Type-OptionsReferrer-PolicyPermissions-Policy
There seems to be no choices available for the attributes for them.I would appreciate it if you can fix these issues.
Forum: Plugins
In reply to: [Spotlight Social Feeds - Block, Shortcode, and Widget] Deprecated PHPThis is taking a long time and is NOT resolved. The issue is that the warnings flood the debug.log file and make it difficult to check other entries, when doing development. Since it affects earlier versions of PHP 8, it is not acceptable to downgrade the PHP version.
Forum: Plugins
In reply to: [Visual Footer Credit Remover] Last update in not workingFurther information on the vulnerability:
The Visual Footer Credit Remover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘selector’ parameter in all versions up to, and including, 2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.Forum: Plugins
In reply to: [Visual Footer Credit Remover] Last update in not workingI discovered that the recent update that didn’t work was made because of a security vulnerability.
Visual Footer Credit Remover <= 1.2 – Authenticated (Admin+) Stored Cross-Site Scripting
Patched CVE-2024-2846
So we should consider that rolling back to version 1.2 will expose the site to this vulnerability.Forum: Plugins
In reply to: [Visual Footer Credit Remover] Last update in not working@marceloesr
I have the same problem. There appears to be a syntax error in the last update (see previous posting). I suggest that you can roll back to the previous version until the problem is fixed.Forum: Plugins
In reply to: [Compact WP Audio Player] cURL error 28With reference to the following:
https://ww.wp.xz.cn/support/topic/access-issue-with-mp3-files-from-s3-bucket-after-plugin-update/I’m very happy that the issue has finally been recognized and is now fixed. I can now update this very useful plugin.
May I suggest that the plugin Admin page be edited to remove: “… There is [sic] no extra settings…” .