chris_c

ah I see. It’s the www version that triggers the warning. The non-www works ok

As of 5.3.7 the behaviour is unchanged. Clicking dismiss on the unnecessary warning about my website “being at risk” takes me to the settings page for the plugin. That isn’t what “dismiss” usually means?

If you have access to the amazon IAM account you can just change the access keys.

Hi,
Worth checking If you’re using a form (Gravity, Ninja etc) to send emails, you need to ensure that the “from” email is configured to be the same as your domain.

Hi,
Thanks for the reply, and for dealing with the issue so quickly. I didn’t mean my last message to imply I was walking away from the plugin, just wanted to let you know that you wouldn’t find the script there if you went looking.

All working fine again.

Me again ??

I’ve disabled this plugin on the site referenced above and reverted to using another system.

found the script, and confirmed that it’s loading on all the affected sites.

Hi,

one example of such a page is…

https://www.aluminiumtradesupply.co.uk/about/contact-us/

which script are you thinking is missing that would cause this ?

Thanks.

for anyone following this thread. 14.0.2 has been released and fixes this issue.

Also have the same issue on test site running 14.0.1 on WP5.4

Hi,

No, I did not activate the ReduxFramework. I appreciate your quick response, but seriously, if you want people to start installing frameworks on their installation then you could at least warn them that this is part of the process, and furthermore explain what it is and what it is doing.

You might want to think about making that part of the installation process clear so that people can make an informed choice about what software runs on their site. Especially given that they may have to account for what happens to user data(GDPR) and security.

Hi, I too am seeing the same problem, although not on all sites.

To get rid of the error I’ve deleted the reference in that file. Will see if I can work out why it only appears on some of my sites.

Love to know how you’re using jetpack and Akismet, and complying with GDPR?

I think it’s worth keeping a sense of proportionality. One of the problems with GDPR is that it appears to place the same requirements on small businesses with limited technical resources as the likes of Facebook etc.

A website representing a “bricks & mortar” business generating enquiries in the form of names/email addresses is unlikely to need the same level of cookie functionality as a website that is trying to collect data for marketing purposes, such as the likes of Yahoo.

We’ve taken the approach that we only set essential cookies, plus Google analytics. Our cookie notice informs visitors that this is what we’ve done and directs them to information about how to either disable cookies in their browser or use the Google opt-out service.

I think ideally we would not set the analtyics cookies until they click “continue” so that level of functionality would be useful. Would not be surprising to see someone argue that analtyics forms an essential part of running an online business anyway.

In my view, a website that is setting cookies for anything more elaborate is likely to need some considerable developer time to identify cookies being set and block them pending permission, let alone give the option for permission to be revoked. Given the level of support this would entail it’s arguably beyond the scope of a free WordPress plugin?

@simbalion I do actually agree with you, that it would be difficult to argue that the IP by itself was personal data. I was just pointing out that there are circumstances where combined with other information it could be.

In the context of this plugin, there is surely a small a risk that a data breach could occur on a WordPress installation where potentially the IP could be combined with other information, such as the email or username. Even if unlikely, surely it would be wise to cater for that situation?

BTW The Court of Justice in the EU is the highest court in Europe on these matters.