Forum Replies Created

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • in reply to: Feature request! Twitter block for newsletter #259992
    ahardy42
    Participant

    Dear TNP Team,
    I'd love any kind of reply on this topic! We're all busy but at least some sort of reply would help.

    Thanks
    Adam

    in reply to: List checkboxes not appearing in shortcode form #246004
    ahardy42
    Participant

    Hi Newsletter Plugin people,

    am I not getting any help on this as part of a policy to try to push me towards paid support?

    Unfortunately, the website I'm working on doesn't have a budget at this point, so I can't go down this route, but it would surely be nice to get just limited feedback on this!

    Regards
    Adam

    in reply to: List checkboxes not appearing in shortcode form #245786
    ahardy42
    Participant

    Bump!

    I went over all your documentation again. The plugin is really not doing its job here!

    Any advice?

    in reply to: List checkboxes not appearing in shortcode form #245525
    ahardy42
    Participant

    Is there any way forward with this?

    The only thing that occurs to me is that it might be broken because some state in the database is breaking the use of lists, because I initially set it up without lists and it can't handle the change.

    ahardy42
    Participant

    It would be helpful to have a statement from Stefano or the Newsletter plugin team about this msg from Wakeyjakey in this thread above:

    Worryingly, the Newsletter Plugin seems to have sent out emails, with the first line of our welcome email changed. The first line reads, “Hi ANNUAL DRAWING OF PRIZE FOR E-MAIL USERS – http://www.ugomezatydod.tk/b30356_prize2019_30356,”

    I think the plugin has sent 100s of emails inviting people to click on this phishing site – from our email address.

    ahardy42
    Participant

    Hi, I have just finished setting up the newsletter plugin and I came across your post. I can see how spammers could have abused the URLs to add fake subscribers, but I don't understand how they managed to hack the plugin so that it sent out the spam newsletter and phishing URL.

    Isn't that part of the plugin API protected by your wordpress account authentication?

    It's great that you posted a work-around for the fake account subscribe actions. Isn't your site still vulnerable though, because the spammer just has to reregister themselves on your newsletter and the process emails will show them the work-around URL query parameters?

    Thanks and good luck!

Viewing 6 posts - 1 through 6 (of 6 total)