J Rubystudio
Forum Replies Created
-
Thank you for your kind words about the plugin. Yes, it is totally free. We originally built it for our Foxiz and Pixwell themes, and we wanted to bring it to the wider WordPress community as a free contribution.
Regarding your question: the plugin uses WordPress core’s wp_insert_post() API to create posts, so you can fully leverage WordPress hooks (such as wp_insert_post, save_post, or save_post_{post_type}) to extend or customize the behavior on your end.
This means if you’d like to forward the submitted post data to another plugin like WP Download Manager, you can hook into the post creation process and pass the relevant data, including uploaded files, to the target plugin’s API to create the corresponding download listing automatically.
Thanks for reaching out. Currently, the export/import functionality for surveys is not supported in the plugin. We have noted this as a feature request and will consider adding it in a future update.
For now, you would need to recreate the surveys manually on the new website.
Unfortunately, the plugin does not support custom post types at the moment.
I understand the continued alerts from Solid Security are concerning. Let me clarify what is likely happening here.
Security plugins like Solid Security and Patchstack maintain their own vulnerability databases. When a vulnerability is reported, they add it to their list and trigger alerts for any site running that plugin. However, even after the plugin author releases a fix, these databases are not always updated immediately. This means you may continue receiving alerts until the security service reviews and confirms the patch, then removes the entry from their database.
In other words, the alert you are seeing does not necessarily mean your site is still vulnerable. It means the security service has not yet re-evaluated version 2.4.0 to confirm the fix.
That said, I have already submitted the patch to Patchstack for review. However, they have not yet reviewed and updated their records for version 2.4.0. Once they complete their review and confirm the fix, the alerts on your end should stop automatically.
In the meantime, please make sure you are running the latest version of Easy Post Submission (2.4.0) and rest assured that the vulnerability has been addressed.
Thank you for your patience, and please let me know if you have any further questions.
Best regards
You can set this up in Form Settings. Select the form you want to configure, then look for the Post Submission Status option where you can choose between Draft or Pending.
Currently, the plugin supports the Quill editor. We’ll consider adding TinyMCE support if there’s more demand for it.
Thank you for the suggestion, Charlie!Thank you for flagging this.
The version 2.4.0 of the Easy Post Submission plugin, which includes the fix for the Broken Access Control vulnerability you mentioned. The alert you’re seeing from Solid Security / Patchstack appears to be based on outdated patch feedback that hasn’t yet been updated to reflect the fix in version 2.4.
Please don’t hesitate to reach out if you have any other concerns.
Best regards
Thank you for reaching out and for the detailed report, we really appreciate it!
Our team is currently investigating the root cause and will provide a fix in an upcoming update.
Regards,