slewisma
Forum Replies Created
-
I tried to reconnect after Tim’s message that said it should be fixed and still got the too many requests error. Tried about 10 minutes later and it worked.
- This reply was modified 4 days, 5 hours ago by slewisma.
Happy to email Buffer support but are you saying there’s a chance that WP to Buffer won’t be sunset if Buffer fixes this or not?
This is unfortunate. socialpostflow.com doesn’t have a free tier and my small nonprofit clients aren’t going to pay for a paid tier for their very basic, infrequent use. WP to Buffer was a nice time saver for these small charities with volunteer or very small paid staff but they don’t have the budget for a subscription alternative.
Same issue on my site and a client’s site.
Yes, 5.1.3 still works correctly in my test site here.
Forum: Plugins
In reply to: [List category posts] Vulnerability posted by WordfenceIn case it is helpful, here are some tips from Wordfence for securing local file inclusion when it is needed: https://www.wordfence.com/blog/2025/10/how-to-find-local-file-inclusion-lfi-vulnerabilities-in-wordpress-plugins-and-themes/#how-to-prevent-lfi-vulnerabilities
Not sure if these are practical in the List Category Posts code or not but thought I’d post them here in case they’re helpful for addressing the security risk while not breaking an important part of how the plugin works.That 5.1.2-1 experimental release does fix the problem on the sites where I use Toolset and Font Awesome. I tested on a copy on localhost.
I opened a ticket with Toolset today referencing this support post as they seemed to want proof it was a Toolset issue before doing more work on their side of things in older, now closed, tickets. Your post from yesterday seems to explain it pretty well. Not sure if they’ll act on that or not.
Having the same issue on a bunch of client sites where I use Toolset. My workaround is to not use the Font Awesome plugin and load Font Awesome by script instead. Since I don’t need access to font awesome in classic or block editor, this works for me but I’d still prefer if Toolset and Font Awesome can work this out and fix it in either or both plugins.
Forum: Plugins
In reply to: [List category posts] SECURITY RISKWordfence and ManageWP still show it as vulnerable too which gives clients anxiety.
This update appears to have fixed the issue. Thank you.
Any progress on this issue? Most other plugins fixed this last year when it first started happening with a WordPress update. It is filling the error logs on servers.
Forum: Plugins
In reply to: [List category posts] SECURITY RISKFernando, does your comment about 0.91.0 having just went out mean that you will be addressing the vulnerability, just not immediately since you just did a release?
Clients get nervous when they see the warning from Wordfence, Jetpack, etc. I understand the risk is low due to the needed access levels and that Wordfence’s WAF may provide protection anyway. It’d be good to be able to tell the clients that the risk is minimal and that a future update will address it rather than not knowing if it will be addressed or not. Thanks!Forum: Plugins
In reply to: [Asgaros Forum] Vulnerability reportedThanks for the quick resolution!
Forum: Plugins
In reply to: [Responsive Lightbox & Gallery] PHP warning: Function called incorrectlyEvery other plugin maker of plugins I use on client sites that had this issue fixed it months ago. It’d be really nice to have it officially fixed in the repository version Responsive Lightbox soon.
I think I found the root cause. The customer’s Stripe account is “managed by” another business/app. That was apparently okay with the legacy checkout method but you cannot connect WooCommerce to that kind of Stripe account with the newer checkout method. Unfortunately it looks like the only solution is going to be for the customer to setup a new Stripe account directly with Stripe.