orbitmedia
Forum Replies Created
-
Forum: Plugins
In reply to: [Max Mega Menu] Column width settings no longer applied.Hi @megatom
Sorry for the false alarms there. The dev site just had a permissions issue so was loading a /wp-content/uploads/maxmegamenu/style.css with a…
.mega-menu-last-modified-1750946446 { content: ‘Thursday 26th June 2025 14:00:46 UTC’; }
That old file did have the styling for menu-columns-4-of-12 but now that we have the permissions fixed it is loading a new file last modified “Friday 20th February 2026 17:58:34 UTC” which just like the live site no longer includes the needed styling for class names like menu-columns-4-of-12.
Worth noting that this issue happens when the css is set to output to a file or to the head.Forum: Plugins
In reply to: [Max Mega Menu] Column width settings no longer applied.Update. Please stand by. I just noticed that on a dev copy of the site (hosted on WP Engine) the style sheet by mega menus IS showing the styling for classes like mega-menu-columns-4-of-12
We are looking more into this on our end.Forum: Plugins
In reply to: [Max Mega Menu] Column width settings no longer applied.Hi Tom,
We did clear all cache including Mega Menu > Tools and also CDN.
Sampel site https://www.fedsig.com/police/
Using the first item “Light Bars” you can see that the menu has 3 columns each with the class name being added menu-columns-4-of-12 by the plugin. They are displaying in 3 columns but if you use the inspector tool you can see it is only because we manually added in the missing css via one of our own css files (support.css)You mentioned cache which is the first suggestion one should always give but this is definitely not cache related since even adding cache breaking query strings to the page’s URL will still lead in the page having menus using the class names menu-columns-4-of-12 instead of mega-3-columns and still loading the style sheet https://www.fedsig.com/wp-content/uploads/maxmegamenu/style.css Also, even when adding query strings to that .css URL it still does not have styling related the class names like menu-columns-4-of-12.
Note: The site does have WP Rocket so it will likely be showing a cached version of that style.css file when you view it but this issue does persist when we are logged in to and WP Rocket is not being used.
Thanks for looking into this.Forum: Plugins
In reply to: [WP Popups - WordPress Popup builder] Broken Access Vulnerability@timersys
Chiming in with additional context that may help.
You mentioned this was fixed in 2.2.0.4 but PatchStack still says the issue exists in 2.2.0.5. What I think (based on limited knowledge is going on) is that PatchStack is not actually checking the latest versions. Here is what may be going on…
1) The vulnerability they list is for version 2.2.0.3
2) They are still listing this as vulnerable because they are not aware of fix being in place.
3) While they are updating the version number to reflect the plugin’s current version, they are not actually checking those later version… This is the important part.
According to this Reddit post/rant PatchStack gets their info not directly from your plugin but rather from copying what it says in WPScan’s records which in turn gets their info form Wordfence’s records.
Both of those two sources only mention the Jan 11 2026 issue with version 2.2.0.3 and while they mention it as still vulnerable they don’t mention anything about 2.2.0.4 or 2.2.0.5 having an issue.
It appears this headache is due to PatchStack randomly updating to the version number to the current version number despite the vulnerability only being related to version 2.2.0.3. This is also made clear by their URL for the issue listing having “2-2-0-3” in the URL…
https://patchstack.com/database/wordpress/plugin/wp-popups-lite/vulnerability/wordpress-wp-popups-plugin-2-2-0-3-broken-access-control-vulnerability
If Wordfence is the source of truth like that Reddit rant suggests you may want to install the plugin at https://www.wordfence.com/products/wordfence-free/ on a site with your plugin and run a scan to help them update their records. To be clear, I don’t know how Wordfence or PatchStack truly work but as far as I can tell this is what needs to be done and will hopefully help your hard working team be finally free of these false alarms.Forum: Plugins
In reply to: [New User Approve] Plugin Security Risks (CSRF)That’s what I was hoping for, thank you.
Just checking in as this has not been globally fixed yet. The recent updates have fixed it for some sites but the issue still persists in many cases. The recent updates have about a 50% chance of working for a site as far as we see.
Hi,
Thanks for the input. I’ve looked for the GTM plugin scripts you mentioned. I checked the user’s guide, installation instructions, and are not seeing them. Can you please provide a link?Forum: Plugins
In reply to: [SoundCloud Is Gold] Failure to Connect to Soundcloud After V2.4 UpdateI’m getting the same issue even after just updating the plugin to Version 2.4.1.
You can see an example at http://www.mishkanchicago.org/interior/examples/
This is a Divi site and the player looks fine in the preview when selecting a Soundcloud to insert, but on the front end it just gives the url error. WordPress is also on the latest version.
Forum: Plugins
In reply to: [Cloudflare] Horrible since latest updateHiding the toolbar has caused issues for our clients. It make it much more difficult for them to manage their sites.
What was the reason for that change?
It is possible to make it an option to hide or show the toolbar?Thanks.