DavidSchargel

Thanks for responding.

Their paid version has a nice filter at the top to get right to your destination.

By the way, I’m a happy ASE Pro customer and thanks why I suggested possibly including exclusively as Pro feature,

For anyone looking for Oxygen-TSF integration, please give a Thumbs Up to that Oxygen issue on Github! The Soflyy people really should get this fixed.

Sybre, in the meantime, until this is officially fixed by Soflyy, are there any possible workarounds?

It seems to be possible with:
* SEOPress (who now has native functionality): https://www.seopress.org/support/guides/generate-automatic-meta-description-from-page-builders/

* Yoast: https://github.com/soflyy/oxygen-bugs-and-features/issues/516

* Rank Math: https://wpdevdesign.com/oxygen-rank-math-plugin/

Yes, it was a false positive. I had it too.

The YARA blackhole_basic signature DOES match the quarantined files with mailpoet and the particular malware signature in question was fairly broad and potentially subject to false positives. It’s not even in maldet anymore as a stand-alone signature.

You should be able to verify this be reinstalling the mailpoet plugin and updating the Maldet signatures (this can be done manually via ‘$sudo maldet –update’), then re-scanning.

David Schargel
Portland Oregon USA

MailPoet, here’s a link to a full PHP 7 LEMP server with WordPress for you to replicate the issues in. This is similar to what I am using.

With Vagrant, this can be up and running for you guys in less than 30 minutes. All you’ll likely need to do is install v2.7.1 and see the issues from there.

That’s great news! Don’t be surprised if a future version of iThemes Security re-inserts that line in the future.

I had the exact same problem on one of my minor sites and found a solution. This issue is two-fold:

1) MailPoet having a trailing equal sign in their URLs (likely a result of base64 padding) is generally not a great practice. Equal signs in URLs should ideally be used for parameter passing exclusively. Maybe they can update this in the future.

2) Your specific issue may be that you likely have something in your .htaccess file that prevents URLs ending in an equal sign. For me, it was iThemes Security (formerly Better WP Security) and they have a line added to the .htaccess file…

RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]

That stopped MailPoet activation_link URLs (within signup confirmation emails) from working with the same error you had. That line stopped trailing equal signs in URLs from getting to my site. I made the following edit and now MailPoet signup confirmations work!

RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*).* [NC,OR]