kjy112

Here’s an example. We modified play icon for the image (not thumb) to be in center and larger FYI. Please see the 2nd thumb.

https://siltsaver.com/product/high-visibility-barrier-fence/

@daigo75 is this new Yotpo update in conflict with Aelia Foundation plugin? Please be specific.

@dorogoff yes this is exactly what was happening. The mini cart on the page probably forced duplicate JS output. Your code fixed the issue. Thank you so much!

We are also having this issue and seems to be caused by update to the latest woocommerce gateway stripe. This has happened 10-20 times since Feb 11th.

I ended up using unset plugin and place in mu-plugins to disable this plugin.

Hi, I tried this filter based on the link you sent, but FB for WooCommerce still generates the FB pixel. I even placed the add_filter code on top of functions.php and plugin still generates pixel throughout the website. When I disable the plugin, then pixel no longer generated. So I am thinking this filter doesn’t work anymore?

Makes perfect sense based on statistics. Ty so much @mateuszgbiorczyk

Hey Mateusz,

Thank you for the quick response. We are already using your plugin for WebP. The thing is if WebP isn’t supported, we figured we want to serve the optimized original images to the end user as a fall back. I guess based on your opinion, what’s % of current user actually don’t need the original image served?

I think custom code prevention for XSS / JavaScript injection to Field Groups and Post Connections’ name’s would solve this issue. Maybe introduce HTML purifier into simple-fields plugin prior to creating Field Groups and Post Connections would do the trick? Thoughts?

Here’s the GitHub page: https://github.com/bonny/WordPress-Simple-Fields

HTML Purifier: https://htmlpurifier.org/docs

UPDATE: I also found this link that gives insight into the exact function that’s causing vulnerability.

https://www.pluginvulnerabilities.com/2019/09/16/hackers-may-already-be-targeting-this-persistent-xss-vulnerability-in-simple-fields/

• This reply was modified 5 years, 1 month ago by kjy112.

After a couple hours of digging, I found some occurance of the js hack injection in DB under wp_posts. You can search under wp_posts => guid with ‘%https://bes.belaterbewasthere.com%’ Seems like its a scheduled action. Maybe woocommerce related as the sites effected both have woocommerce active. Hopefully, this won’t come back again.

that’s exactly what we did as well but is only temporary fix. Hacks will still happen. in fact it has occured,again today. not 100% sure how they get in but need sometime to figure out. will post more findings hopefully soon.

We are having similar issues as well.

False alarm on Godaddy’s 5.6.27. Just breaks on PHP 7+

PHP 7 broke submission and gotten error

[22-Mar-2018 17:50:10 UTC] WP_Error Object
(
[errors] => Array
(
[wp_mail_failed] => Array
(
[0] => Could not instantiate mail function.
)

)

Revert PHP to 5.6.32 and everything worked. However, if use on Godaddy’s 5.6.27. It fails again!

Can confirm this same error. Used search and replace fixes it.