DonnellC

What version of WordPress are you currently running on?

Nitstorm

1.1 has been released.

Hello Opensesame,

This can be done. You will need to make some changes to the html coding. Would you like me to show you how?

Or would you like to wait for the author?

Burtd06,

This does not work with Firstdata Connect 2.0 . That is a different gateway that require different coding.

Then that would be a WordPress issue not a plugin issue.

Like I said. I have a fix for it already. I haven’t released it to the public yet.

After further investigation.

There actually isn’t an issue with the way the plug-in works. This is not a security flaw. The only way your proof of concept works is if the user is logged in or have their sign-in information.

There will be an update soon regarding your CSRF inquiry.

Again there is “NOT” a security vulnerability regarding the information that you’re inquiring.

Please signed out of WordPress. And try to submit that request when you’re signed out. You’ll see get proof of concept is not valid.

I’m reviewing how to correct this issue.

Yes, as i do not feel comfortable providing my email address to you.

After going over the plug-in code. I do not see any security vulnerability.

Also, it appears you are new to wordpress and seen you posting the same thing to other developers plug-ins. If you can not list what the issue is. Please do not open a ticket.

What is the security vulnerability you’ve discovered?

You’re welcome. Can you please leave a review?

I’m always looking for way to better serve.

No. MD5 is fine. Let’s install the plug-in and reinstall the latest version. 1.0 and try to generate the code again.

No. It’s required to run the plug-in. When you created your payment page. Under tab number 8 did you change the hash type? SHA-1 i believe it is.

You should have received a email for the gateway. Can you send me what they sent? Please remove your ip address and x_login.

Are you getting a error code?

Can you post a example of your issue?