dking64

Hi Brian. Is the information in the WordPress Vulnerability Database for v. <= 4.3000000023 incorrect?

The vulnerability is still reported in my WordPress install. Thanks again.

Thanks for the update, Sajjad!

Very important (following).

Hi Brian. An input validation vulnerability is now being reported:

https://really-simple-ssl.com/vulnerability/13b88cab-3fef-4bbb-8738-75137541467e/

• This reply was modified 8 months, 3 weeks ago by Yui.
• This reply was modified 8 months, 3 weeks ago by Yui. Reason: please do not use shortlinks

I hope you’re successful, Brian. That will stop the daily flow of notifications from security plugins.

Thanks for the update.

Thanks very much!

I hope there is a result on this soon. I’ve been receiving security notifications every day for weeks for each of several sites that have this plugin. Thank you.

• This reply was modified 1 year, 4 months ago by dking64.

Thanks again!

Thank you for following up on these issues quickly.

2.0.2 fixes the issues I initially reported at the beginning of this thread:
— the CC contact lists now display in the plugin,
— I can select a list for a form to populate, and
— account info (name + email) now displays in the ‘Disconnect’ screen.

Does 2.0.2 also include the vulnerability fix that was part of 1.14.1?

I just bought the Pro version. A completely reasonable upsell (and anyone who apologizes for a reasonable upsell probably deserves more than he gets).

Please provide the code snippet for the de-authentication notice when you have a chance.

Thanks again for your help, Martin!

Thanks for following up quickly.

I’m a developer so technical notices in WordPress are meaningful to me. And your question is a valid one if it addresses a technical user. My client who uses the site daily, however, is not technical. He just wants to post, and wants the convenience of automatic cross-posting to LinkedIn. But because of LinkedIn’s requirements, the plugin loses its authentication, my client pays no attention to technical notices and tries to post, an error that is illegible to him is thrown, and he contacts me. I re-authenticate as soon as I’m available and then he posts.

So I guess my question boils down to this: should a plugin that loses authentication every 60 days prevent a user from posting?

Of course further training with my client can mitigate problems here, as can me noting in my calendar to log into my client’s site every 60 days to re-authenticate. But I think it would be better if a notification email to the main admin were generated when the plugin loses its authentication. And/or a user is allowed to post but a notice communicates that cross-posting has discontinued. Those would be better than a technical error notice to a non-technical user that the plugin is preventing her/him from posting.

Thanks again!

When the plugin needs to be re-authenticated, we get the following when we try to publish a post:

Warning: Undefined variable $profileType in [root_directory]/wp-content/plugins/wp-linkedin-auto-publish/wp-linkedin-auto-publish.php on line 691

Warning: Undefined variable $profileId in [root_directory]/wp-content/plugins/wp-linkedin-auto-publish/wp-linkedin-auto-publish.php on line 691

Fatal error: Uncaught TypeError: Cannot access offset of type string on string in [root_directory]/wp-content/plugins/wp-linkedin-auto-publish/wp-linkedin-auto-publish.php:777 Stack trace: #0 [root_directory]/wp-content/plugins/wp-linkedin-auto-publish/wp-linkedin-auto-publish.php(635): wp_linkedin_autopublish_post_to_linkedin_common(6246) #1 [root_directory]/wp-includes/class-wp-hook.php(307): wp_linkedin_autopublish_post_to_linkedin(‘publish’, ‘draft’, Object(WP_Post)) #2 [root_directory]/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters(NULL, Array) #3 [root_directory]/wp-includes/plugin.php(476): WP_Hook->do_action(Array) #4 [root_directory]/wp-includes/post.php(5303): do_action(‘transition_post…’, ‘publish’, ‘draft’, Object(WP_Post)) #5 [root_directory]/wp-includes/post.php(4563): wp_transition_post_status(‘publish’, ‘draft’, Object(WP_Post)) #6 [root_directory]/wp-includes/post.php(4775): wp_insert_post(Array, false, true) #7 [root_directory]/wp-admin/includes/post.php(426): wp_update_post(Array) #8 [root_directory]/wp-admin/post.php(227): edit_post() #9 {main} thrown in [root_directory]/wp-content/plugins/wp-linkedin-auto-publish/wp-linkedin-auto-publish.php on line 777`

Any update on this issue? Instagram feeds have been down for more than two weeks.

Thank you.

Thanks again, Michael!

Thank you, Michael!