Profiles

  • Member Since: February 25th, 2015
  • Find me on:
  • Created a topic, works great for next.js backend, on the site WordPress.org Forums:
    Awesome plugin! the default config saved the day when…

  • Posted a reply to AJAX vulnerabilities to Stored Cross-Site Scripting (XSS) attacks, on the site WordPress.org Forums:
    Deactivating and deleting the plugin also works. "The wp_ajax_cff_save_settings AJAX action, which is responsible for…

  • Posted a reply to [WP Cassify] Sessions initialized for all users, on the site WordPress.org Forums:
    This bug just took down a customer’s server by using up over 1.75 Million inodes…

  • Posted a reply to JavaScript error – chunk loading failed, on the site WordPress.org Forums:
    also had this issue with 6.3, there is no dist/chunks folder so the URL 404s.…

  • Created a topic, Woo 3.0 deprecation warnings from br_wc_get_product_post, on the site WordPress.org Forums:
    There is a bug since WC 3.0 inside the plugin's "bc_wc…

  • Created a topic, error log full of WC3.0 “doing it wrong” warnings, on the site WordPress.org Forums:
    The plugin is using WooCommerce 2.x style properties w…

  • Posted a reply to Show time on order backend broken since Woo 3, on the site WordPress.org Forums:
    The way the filter works has changed in Woo 3.x. Instead of filtering the entire…

  • Posted a reply to Warning when using filter woocommerce_admin_order_date_format, on the site WordPress.org Forums:
    The way the filter works has changed in Woo 3.x. Instead of filtering the entire…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    ah OK, sorry for over-reacting.. it was on here last night. I realize the security…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    Find it: [code]grep 'wp-json/wp.*\?.*id=' access.log [/code] and look for HTTP 200 result codes. Test it:…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    Try this. 1. Open Google 2. Type in "Wordpress 4.7.0" 3. Note how the TOP…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    Wow, so I posted a post here with the details and it was removed by…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    How to spot the 4.7 Content Injection hack in server log files and How to…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    Until my long post explaining everything in detail passes moderation, here is some quick info.…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    Slack invites, deliberate withholding of information hackers already have, and even worse appearing to rub…

  • Wrote a comment on the post Disclosure of Additional Security Fix in WordPress 4.7.2, on the site Make WordPress Core:
    "Many hosts automatically upgrade WP installs" ? "some scan and monitor" ? "this is becoming…