Lovely, so the answer wasā¦ yes I was missing something
Thanks by the way
Thanks for the link, I didnāt see it at first. Iām just wondering whether the hotfix branch is āstableā enough to be applied to themes? There was bulk installation error but it seems to be fixed in the latest update (5 hours ago). Any other issues in this hotfix?
Lovely, so the answer wasā¦ yes I was missing something
Thanks by the way
Thanks for the link, I didnāt see it at first. Iām just wondering whether the hotfix branch is āstableā enough to be applied to themes? There was bulk installation error but it seems to be fixed in the latest update (5 hours ago). Any other issues in this hotfix?
Thanks.
Right now the develop branch seems to be the best choice - it has the security patch and the bulk install fix. As they make more changes to this branch it may not be the best choice, but right now, today, it looks like it.
Sorry, that error has been fixed but Iām still getting the following error;
āFatal error: Class āTGM_Bulk_Installerā not found in ā¦/includes/class-tgm-plugin-activation.php on line 1586ā
Has anyone tried this version?
Think that was fixed in the Develop branch(link below) as StephenCronin said, which includes the bulk fix from the hotfix/2.4.1.
I just tested and didnāt notice the fatal error you had got.
Make sure to watch the master branch though
Thanks webcreations907. I just tested develop branch and youāre right, I didnāt get a fatal error at this time but there is another issue now;
Link is something like āā¦/wp-admin/?page=mytheme-install-required-pluginsā but it should be āwp-admin/themes.php?page=mytheme-install-required-pluginsā. It works if I edit the link manually. Did you notice any problem like that?
@StephenCronin since TGMPA was the preferred solution provided by Envato when we initially had the āfunctionality in pluginsā debate a while ago, please donāt do the same as what happened with the Revslider issues a while ago and start disabling themes left right and center, give authors the time needed to make these updates.
Also, this needs announcing on the author dashboard, not many authors actually come though these forums.
Is anyone else getting the permissions error on a multisite setup when trying to install or activate a plugin using TGM? Iāve seen the issue posted on the TGM Github a few times dating as far back as last March.
Is anyone else getting the permissions error on a multisite setup when trying to install or activate a plugin using TGM? Iāve seen the issue posted on the TGM Github a few times dating as far back as last March.
Is anyone else getting the permissions error on a multisite setup when trying to install or activate a plugin using TGM? Iāve seen the issue posted on the TGM Github a few times dating as far back as last March.
Link is something like āā¦/wp-admin/?page=mytheme-install-required-pluginsā but it should be āwp-admin/themes.php?page=mytheme-install-required-pluginsā. It works if I edit the link manually. Did you notice any problem like that?
TGM v2.4.1 - Same error as in screenshot for bulk install.
I just updated the original post with the following:
OptionTree
If you use OptionTree, then although this does use add_query_arg and remove_query_arg, we are confident that none of the instances can be exploited. There will be an update that escapes these functions in future that you should include in your item, but you should not delay updating your items waiting for this. UPDATE: Version 2.5.4 of this plugin has been released and is now available from the WordPress plugin directory. This version escapes all instances of the functions and also fixes the term splitting issue for WordPress 4.2 (due to released very soon). Please update your items to use this version.
Can anyone explain me why we should care XSS attacks? It is not persistent right?This will not give access to server to modify the website page for all users. It will only affect on the browser who visits the link with malicious script? This can be easily identified right?
Iām not a WP Dev, I have read all XSS related stuff. But I donāt see a real life situation where this is harmful.
So, Is there any real world examples, an XSS attack can be harmful?
Can anyone explain me why we should care XSS attacks? It is not persistent right?This will not give access to server to modify the website page for all users. It will only affect on the browser who visits the link with malicious script? This can be easily identified right?
Iām not a WP Dev, I have read all XSS related stuff. But I donāt see a real life situation where this is harmful.
So, Is there any real world examples, an XSS attack can be harmful?
Any help would be appreciated.
How about redirecting your users to malicious websites using jsā¦
Anyway, this TGM situation isnāt that bad because the attacker must be an admin or have similar privileges to do something bad to your website.