tmb4016
Forum Replies Created
-
Forum: Plugins
In reply to: [WP FullCalendar] Vulnerabilities still exist in v1.6Fundamentally the developer should fix this … but basically he does not care ! Last vulnerability took ages to be fixed and the some feeble excuse was made for not fixing earlier. Next vulnerability … even slower.
Standalone use is one thing but when this is the recommended / companion for a paid plugin and it is still not fixed then even worse. Looking for an alternative for that Events plugin now as part of this issue … Would not recommend any plugin from this developer/team of Marcus and Pixelate.
Forum: Plugins
In reply to: [Smart Recent Posts Widget] Cross Site Scripting Vulnerability?Hi, Can you confirm this is fixed in 1.0.4 please as some security software is still showing it has XSS vulnerabilities. One example ShieldPro
Thanks for the information. Issue is now resolved – it was an issue with some image resources in the default sidebar.
Thanks again.
Yep just spotted it … thanks for the info I will continue digging. I think it may be connected to the sidebar….
Hi,
Thanks for the info … Where did you see that error… I’ve not seen that.
This is not on a web host so will need to track the source of this myself.
Thanks for the pointer
### Begin Install Info ###
## Please include this information when posting support requests ##
— Site Info —
Site URL: https://the4016.com
Home URL: https://the4016.com
Multisite: No— Hosting Provider —
Host: DBH: localhost, SRV: the4016.com
— User Browser —
Platform: Windows
Browser Name: Chrome
Browser Version: 104.0.5112.81
User Agent String: Mozilla/5.0 (Windows NT 10.0; Wi
n64; x64) AppleWebKit/537.36 (KH
TML, like Gecko) Chrome/104.0.51
12.81 Safari/537.36 Edg/104.0.12
93.54—- Current User Details —
Role: administrator
— WordPress Configurations —
Version: 6.0.1
Language: en_GB
Permalink Structure: /%year%/%monthnum%/%postname%/
Active Theme: OceanWP Child 1.0
Page On Front: Welcome ! (#358)
Page For Posts: (#0)
ABSPATH: /var/www/the4016.com/
All Posts/Pages: 14
WP Remote Post: wp_remote_post() works
WP_DEBUG: Disabled
WP Table Prefix: Length: 3, Status: Acceptable
Memory Limit: 40MB— UM Configurations —
Version: 2.5.0
Upgraded From: 2.5.0
Current URL Method:
Cache User Profile: Yes
Generate Slugs on Directories: Yes
Force UTF-8 Encoding: No
JS/CSS Compression: No
Port Forwarding in URL: No
Exclude CSS/JS on Home: No— UM Pages Configuration —
User: https://the4016.com/user/
Account: https://the4016.com/account/
Members: https://the4016.com/members/
Register: https://the4016.com/register/
Login: https://the4016.com/login/
Logout: https://the4016.com/logout/
Password Reset: https://the4016.com/password-reset/— UM Users Configuration —
Default New User Role: 0
Profile Permalink Base: user_login
User Display Name: full_name
Force Name to Uppercase: No
Redirect author to profile: Yes
Enable Members Directory: Yes
Use Gravatars: No
Require a strong password: On— UM Access Configuration —
Panic Key:
Global Site Access: Site accessible to Everyone
Backend Login Screen for Guests: No
Redirect to alternative login page:
Backend Register Screen for Guests: No
Redirect to alternative register page:
Access Control widget for Admins only: No
Enable the Reset Password Limit: Yes
Reset Password Limit: 3Disable Reset Password Limit for Admins: No
Blacklist Words: 5— UM Email Configurations —
Mail appears from: the4016.com
Mail appears from address: [email protected]
Use HTML for E-mails: Yes
Account Welcome Email: Yes
Account Activation Email: No
Pending Review Email: No
Account Approved Email: No
Account Rejected Email: No
Account Deactivated Email: Yes
Account Deleted Email: Yes
Password Reset Email: Yes
Password Changed Email: Yes— UM Total Users —
All Users(5)
administrator(2)
editor(2)
subscriber(1)
none(0)— UM Roles —
Administrator (administrator)
Editor (editor)
Author (author)
Contributor (contributor)
Subscriber (subscriber)
Adult (private_adult)— UM Custom Templates —
N/A
— UM Email HTML Templates —
N/A
— Web Server Configurations —
PHP Version: 7.3.31-1~deb10u1
MySQL Version: 5.5.5
Web Server Info: nginx/1.14.2— PHP Configurations —
PHP Memory Limit: 256M
PHP Upload Max Size: 16M
PHP Post Max Size: 128M
PHP Upload Max Filesize: 16M
PHP Time Limit: 360
PHP Max Input Vars: 1000
PHP Arg Separator: &
PHP Allow URL File Open: Yes— Web Server Extensions/Modules —
DISPLAY ERRORS: N/A
FSOCKOPEN: Your server supports fsockopen.
cURL: Your server supports cURL.
SOAP Client: Your server does not have the SOAP Client enabled.
SUHOSIN: Your server does not have SUHOSIN installed.
GD Library: PHP GD library is installed on your web server.
Mail: PHP mail function exist on your web server.
Exif: PHP Exif library is installed on your web server.— Session Configurations —
Session: Disabled
Session Name: PHPSESSID
Cookie Path: /
Save Path: /var/lib/php/sessions
Use Cookies: On
Use Only Cookies: On— WordPress Active Plugins —
Admin Columns Pro: 5.7.3
Admin Columns Pro – Pods: 1.7
Admin Menu Editor: 1.10.2
Akismet Anti-Spam: 5.0
CSS Hero: 5.0.5
Custom field finder: 0.3
Custom Post Type Rewrite: 1.2.0
Custom Post Type Widgets: 1.5.1
Easy WP SMTP: 1.4.7
Envira Gallery: 1.9.4.7
Envira Gallery – Defaults Addon: 1.5.0
Envira Gallery – Fullscreen Addon: 1.2.4
Envira Gallery – Gallery Themes Addon: 2.0.4
Envira Gallery – Lightroom Addon: 2.3.1
Envira Gallery – Protection Addon: 1.3.4
Envira Gallery – Standalone Feature – Enable Archives: 1.0
Envira Gallery – Tags Addon: 1.7.15
Envira Gallery – Watermarking Addon: 1.4.3
Envira Gallery – Zoom Addon: 1.3.8.1
Events Manager: 6.1.1
Events Manager I/O: 1.1.1
Events Manager Pro: 3.0
FileBird: 5.0.5
Ocean Custom Sidebar: 1.0.9
Ocean Extra: 2.0.4
Outdooractive Embed: 1.4
Pods – Custom Content Types and Fields: 2.9.3
Posts Table Pro: 2.4.1
Show Current Template: 0.4.6
Smart Recent Posts Widget: 1.0.2
Ultimate Member: 2.5.0
Ultimate Member – Social Login: 2.3.14
UpdraftPlus – Backup/Restore: 2.22.14.25
User Role Editor: 4.63
Wordfence Security: 7.6.0
WP FullCalendar: 1.4.1
WP Recipe Maker: 8.4.0### End Install Info ###
Forum: Fixing WordPress
In reply to: Issues with DashboardI prefer caddy because of the simple ssl, auto-renew on the certificates and the reverse proxy as well as the fact the point of the exercise was to install this configuration.
Other people have wordpress served by caddy by all accounts. Issue I have now is it seems to be pointing purely to a wordpress issue rather than php or caddy server error.
Forum: Fixing WordPress
In reply to: Issues with DashboardThere are no new functions. It is as installed. No plugins and the theme is the default twenty twenty one.