ellmann creative

Thanks. That seems to have done it.

I’ll reopen the case if the issue comes back.

Thank you. I guess I’ll do that, and come up with a MU plugin to fix those paths according to a pattern I typically use.

Hey. What’s the plan here? I see I’m still restricted to making backup files in the very PUBLIC web directory. I’m on BackWPup version 4.0.4 now.

I just retried by setting to “Afrikaans” (just to see what will happen), and now the admin seems to be stuck on “Show all languages” – no matter what I select, all pages are displayed even when I switch back to English. I even tried logging out and back in again – no change.

Yes, I can see the change, and it seems to be working as intended.

Much appreciated!

Pozdrawiam. ??

I just found the same problem. What’s going on guys?

It seems that trying to set a relative path via ../../……. etc. also reverts it back to the default path.

Editing it is fine, as long as it’s within the WP folder. As soon as I try to leave the folder, it reverts back to the default.

Attempting to set a full path to somewhere within the WP folder also fails.

Is this a security setting I can disable somewhere?

• This reply was modified 9 months, 2 weeks ago by ellmann creative.

Also, unchecking the plugins in TTfP settings doesn’t seem to help anything.

Except the database, plugins, themes etc. take 1-2s each, and everything else is file backup – I don’t expect splitting that up would help at all.

Here’s the exact backtrace:

Backtrace:
1: trigger_error() in wp-includes/functions.php:5905
2: _doing_it_wrong() in wp-includes/class-wpdb.php:1782
3: prepare() in wp-includes/class-wpdb.php:2686
4: _insert_replace_helper() in wp-includes/class-wpdb.php:2598
5: insert() in wp-content/plugins/post-smtp/Postman/PostmanEmailLogs.php:261
6: save() in wp-content/plugins/post-smtp/Postman/Postman-Email-Log/PostmanEmailLogService.php:186
7: writeToEmailLog() in wp-content/plugins/post-smtp/Postman/Postman-Email-Log/PostmanEmailLogService.php:113
8: writeSuccessLog() in wp-content/plugins/post-smtp/Postman/Postman-Email-Log/PostmanEmailLogService.php:85
9: write_success_log() in wp-includes/class-wp-hook.php:310
10: apply_filters() in wp-includes/class-wp-hook.php:334
11: do_action() in wp-includes/plugin.php:517
12: do_action() in wp-content/plugins/post-smtp/Postman/PostmanWpMail.php:262
13: sendMessage() in wp-content/plugins/post-smtp/Postman/PostmanWpMail.php:60
14: send() in wp-content/plugins/post-smtp/Postman/PostmanWpMailBinder.php:121
15: wp_mail() in wp-content/plugins/sucuri-scanner/src/mail.lib.php:103
16: sendMail() in wp-content/plugins/sucuri-scanner/src/event.lib.php:629
17: notifyEvent() in wp-content/plugins/sucuri-scanner/src/hook.lib.php:70
18: hookAttachmentAdd() in wp-includes/class-wp-hook.php:310
19: apply_filters() in wp-includes/class-wp-hook.php:334
20: do_action() in wp-includes/plugin.php:517
21: do_action() in wp-includes/post.php:4674
22: wp_insert_post() in wp-includes/post.php:6204
23: wp_insert_attachment() in wp-admin/includes/media.php:422
24: media_handle_upload() in wp-admin/async-upload.php:114

Notice: Function wpdb::prepare was called incorrectly. Unsupported value type (array).
Please see Debugging in WordPress for more information. (This message was added in version 4.8.2.)
in {snip}/wp-includes/functions.php on line 5905

Hope this helps sort it out, because it’s starting to get annoying.

Hey.

We’re having the same issue, but this time it’s showing up when adding media. Which is problematic, because it breaks the progress reporting, since it appears in the response from the async uploader.

I traced it back, and it seems to be related to staging_post_smtp_logs, when a security plugin (Sucuri) sends an e-mail about a post update. Since it happens when the media file gets added to the database – that’s when it gets triggered.

The message appears in the media file’s entry in the async uploader, and breaks it.

I’ll test it out. Thanks.

Well, I’m marking this one as “resolved”. Whether WordFence does anything to detect similar situations in the future is now a matter of their policy, I suppose. Good luck. ??

@wfpeter

Not quite.

Thank you for letting me know about the 404, that was a puzzler.

As for the plugin itself: I have received confirmation that it is indeed an early fork of the plugin available on the WP repository. I was told it’s now in a major way a very different plugin, however. They (i.e. the theme and plugin developers) are also reluctant to change the slug due to the negative impact it would have on existing installations.

I’m sure this isn’t the only example of such situations in the wild. It would mean that this issue is a “false positive” that’s bizarrely not exactly unrelated. How does WordFence deal with such naming conflicts? I mean, I’m sure it’s not the only plugin out there that happens to share a slug with something that exists in the public repo?

As an aside – does WordFence track when any given vulnerability was introduced? It would be possible to set manual exclusion rules for such situations, when the precise split-off version is known. In this particular case, if the issue was introduced after v2.0.3 – it’s likely that this “sister plugin” isn’t actually affected.

I think I’ve figured it out.

There are two plugins, sharing the same slug – one provided by www.remarpro.com, the other – by the theme I’m using (Goya).

The one provided by Goya seems to be a branch of the official one, split at version 2.0.3 – right before the “Pro” functionality (and the associated “buy pro!” option) was introduced. While the official (public repo) plugin went on to become v3.0.0 in its changelog (and is now v4.2.0), this one’s next (and last mentioned) revision is a maintenance release 2.0.3.1 that seems to backport some fix or another; the version it’s reporting to WordPress is v4.2.1.

This plugin looks mighty fishy, and I’m not sure what Goya is doing here. It’s clearly a “mistaken identity” situation, except not quite? It is the same plugin… only a much, much older version of it, and it just so happens to share the same slug. I can see how WordFence would be confused by it.

@mike80222 Yeah, and thanks for looking into it.

Interesting. Since I don’t know which file that is, can you please take a look and confirm that it says “<= 5.1.0”? The latest version of the plugin is 4.2.0, and I currently have 4.1.0 installed. Might it be saying “<= 4.1.0” instead?

Also, https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wc-ajax-product-filter/ does not exist – it should, if there are CVEs registered for it.

I’m not sure what to make of this. WordFence’s vulnerability websearch consistently returns a 500 error, so I can’t even tell if the plugin exists in the DB under a different slug or something.

It’s interesting however, that the one I have is named “WC Ajax Product Filters”, while the one on www.remarpro.com is “WCAPF – WooCommerce Ajax Product Filter”. Same slug. I also have it on a different site, and there it’s version 4.2.0 – but still “WC Ajax Product Filters”…