mezzomedia

In addition, this same error is now created by Wordfence on the same website on the production server. This was not the case before updating to the latest Wordfence version.

I have double checked to see that fsockopen() is also disabled on this server, and curl_version() does work.

Hi Gregor,

Should the collation of the wp_wpml_mails table itself also be changed to utf8mb4_general_ci? (the collation of the table can be found under the Structure tab, scrolling to the Information section)

Or should this keep using <dfn title=”Unicode, case-insensitive”>utf8_general_ci</dfn>?

Hi Rajat,

I have reported the bug at https://github.com/xylusthemes/import-eventbrite-events/issues/132 and sent a duplicate of the issue to support.

Please note that my client is not currently using the Google Maps API Key feature.

I have also tried going to /wp-admin/admin.php?page=eventbrite_event&tab=settings, switching to the Google Maps API tab and saving the settings. Unfortunately this did not solve the issue.

Hi Louis,

Thanks for confirming.

I was looking at https://smashballoon.com/doc/smash-balloon-twitter-changes-free-version/?twitter and https://smashballoon.com/pricing/twitter-feed/ but couldn’t figure out if the Pro version supported hashtag feeds (and even thought it did not, looking at the first link).

Hi Louis,

Thanks for the quick and clear response!

Am I correct in assuming that starting from v2.1 using a hashtag search (instead of a User Timeline) is only available in the Pro version of the plugin?

Note: the “Try the Pro demo” button seems to link to a 404 page: https://smashballoon.com/custom-twitter-feeds/demo/hashtag?utm_campaign=twitter-free&utm_source=feed-type&utm_medium=hashtag

PS I have also tried downgrading to v2.1 but this is giving the same error. Issue solved (temporarily) by downgrading to v2.0.7.

Please let me know if I can help by providing additional info.

Note: I am not sure if I can remove and re-add the Twitter feed without having access to the client’s Twitter account at this moment.

Hi Peter,

Thanks for the clear and helpful suggestions.

Unfortunately I am seeing this on multiple websites on my server. I have double checked this for at least one website, and noticed in both phpinfo() and with curl_version() that cURL support is enabled.

Note that both the PHP setting allow_furl_open and function for fsockopen() are disabled for this website, because of security reasons. But I couldn’t find any mention of these in the Wordfence requirements.

In other words: yes, I can access restart and configure everything on the server myself. But no, cURL is enabled, so if I would be following your explanation cURL shouldn’t be the culprit here.

I decided to search through the Wordfence plugin code, and noticed that the file/line I mentioned in my initial post is actually the only occurrence of fsockopen(). So there doesn’t seem to be a function/method named fsockopen() defined in the WordfenceLS namespace. Which would mean the PHP error is indeed a correct error.

Furthermore, if the intention was to use the global PHP function fsockopen() I believe the function should be preceded with a “\”, as in \fsockopen(). As explained in https://www.php.net/manual/en/language.namespaces.fallback.php

Does that make sense? And do you agree?
Or is there something I am missing?

Cheers!

ARI support provided the following solution:

Try to populate “Custom JS code” parameter on “ARI Fancy Lightbox -> Settings -> Advanced” page with the following code:

Code:

if ('scrollRestoration' in history) {
    history.scrollRestoration = 'manual';
}
if (!history.state || !history.state.fakeLightbox || history.state.path !== window.location.pathname) {
    history.pushState({fakeLightbox: true, path: window.location.pathname}, null, window.location.pathname);
}
window.addEventListener('popstate', function(e) {
    var isActive = !!$.fancybox.getInstance();
    if (isActive) {
        history.pushState({fakeLightbox: true, path: window.location.pathname}, null, window.location.pathname);
        $.fancybox.close();
    } else {
        history.go(-1);
    }
});

It has been over 2 weeks without any reply.
The ARI support forum seems to have been removed.

Where can paying users get support for this plugin? ??

Hi @haseeb0001 ,

Looking good, thank you very much for adding the latest release to the changelog.

I’m not sure if there is anything I could have done to prevented this.

No worries! This was solely caused by the Email Encoder plugin and has been fixed by disabling encoding in the document head(er) from its advanced settings. ??

Apologies, found the issue: the Email Encoder plugin was causing the Sentry DSN to be encoded twice.

Hi @arsalantariq

Thanks for the update.

I can confirm that I am no longer seeing the vulnerability report in the Plesk WordPress Toolkit after having upgraded the plugin to v2.2.6.

The PatchStack links also mention upgrading to v2.2.6 as the solution.

On Github the repo seems to be updated accordingly, but any tags/releases for 2.2.6 are still missing. Adding these might be useful for developers.

Cheers

Ok, thanks for the quick reply, @lapzor !