Emielb

Even if the patch isn’t out yet, it would be nice to at least get a response from plugin support after more than a week…

Thanks

If you have many websites with this plugin, here is the WP-CLI command to replace this plugin with Safe SVG (the most popular equivalent plugin):

wp plugin uninstall svg-support --deactivate
wp plugin install safe-svg --activate

Hello,

All security plugins (I use WordFence) send alerts each time and for every website the free version is updated, as the version numbers aren’t aligned between the free and paid versions (free is currently at 3.4.2.18 so it will send alerts until it reaches 6.3.2).

Could this version number be changed to >6.3.1 to solve the issue? Another solution suggested by WordFence support is to differentiate the free and paid plugin slugs.

Thanks!

Hi @wfpeter,

Thanks for your reply! I’ll let the plugin author know.

As far as I know it’s not possible to do that today, but a more general solution for these cases would be to be able to ignore a specific alert (based on its CVE). Maybe that involves risks I’m not thinking about, but it would be very practical in any case.

@remarkno Awesome, thanks!

No problem. This plugin is already very useful as is ?? Thanks for your reply!

Perfect! I just tested it and it’s exactly what I need.

Thanks a lot!

Perfect, that’s exactly the information I was looking for.

Thank you!

No problem, thanks for your reply. The “Upgrade to Pro” button confused me and I thought I would need at least this licence. I’ll have a look at the basic version.

I think it would be clearer if you updated the documentation (this section) to say that all field types require at least a Basic licence (I assume this was different when the documentation was written).

Thanks.

• This reply was modified 8 months, 4 weeks ago by Emielb.

Hi @wfmark,

The e-mail address is correct. I’ve just sent the diagnostic report to [email protected]. It looks like the log only goes back to December 27, so I’m not sure if you’ll get the information you need, but since my problem is solved on my end, I’ll mark this topic as solved.

In summary, site B (the one for which I sent the report) has been duplicated from site A. I received WordFence alert notifications in Slack with the reference to site A, but the alert was actually located on site B. By resolving the alert on site B, I didn’t receive any other notifications on Slack about site A, so the problem is solved on my end.

The only weird thing perhaps is that WF probably stores the site URL somewhere in the database, instead of using a function like site_url(), which seems a bit odd.

Thanks,
Emielb

• This reply was modified 9 months, 3 weeks ago by Emielb.

Hi Mark,

Thanks for your reply! I think I’ve found the source of the problem (this site has been duplicated to another and it’s this one that actually had this alert in Wordfence > Scan). So there’s probably a reference to the old site somewhere.
Would you like to diagnose the problem in more detail, or is this normal behavior? Would you like me to send a diagnostic report to [email protected] for this site instead?

Thanks!

• This reply was modified 10 months, 1 week ago by Emielb.

Awesome! Thank you

OK, thanks for your answer! That works indeed.

To avoid confusion I think that you should remove the comment under the field:

Ideally, a second field for CSS code would be a good improvement, I think. This way, the CSS code would only be loaded on pages where the loading screen appears, and above all, the CSS code would be automatically removed when the user deletes the plugin.

If even PHPMyAdmin returns a 500 error independently of WordPress, there’s probably a problem with the hosting. Hasn’t the PHP version changed recently?

• This reply was modified 11 months, 2 weeks ago by Emielb.

Thank you for your quick reply. After testing, it is indeed WordPress that automatically adds the file name in the title attribute (there is no difference if the theme used is Divi or another).

I think I’ll develop my own plugin to do only the 2 simple tasks I need (add an Alt attribute and remove the title attribute generated by WordPress).

Thanks!