Fatal error on empty taxonomy search

  • Resolved leedxw

    (@leedxw)


    4 months, 2 weeks ago

    wonderm00ns-simple-facebook-open-graph-tags 3.3.5 will produce a fatal error on empty searches which include taxonomies.

    To reproduce on a fresh WordPress installation with debug logging enabled, add a custom taxonomy and make a search that references it:

    cd /var/www/html/wp-content/themes/twentytwentyfive
    wp scaffold taxonomy audience > tax.php
    echo 'require("tax.php");' >> functions.php
    wp plugin install wonderm00ns-simple-facebook-open-graph-tags
    wp plugin activate wonderm00ns-simple-facebook-open-graph-tags
    curl -s "http://localhost/?s=n&audience=x" > /dev/null

    When is_tax() is true and $wp_query->get_queried_object(); doesn’t match an object, the following logs are generated:

    PHP Deprecated:  stripslashes(): Passing null to parameter #1 ($string) of type string is deprecated in /var/www/html/wp-content/plugins/wonderm00ns-simple-facebook-open-graph-tags/public/class-webdados-fb-open-graph-public.php on line 313
    PHP Warning:  Attempt to read property "taxonomy" on null in /var/www/html/wp-content/plugins/wonderm00ns-simple-facebook-open-graph-tags/public/class-webdados-fb-open-graph-public.php on line 315
    PHP Warning:  Attempt to read property "taxonomy" on null in /var/www/html/wp-content/plugins/wonderm00ns-simple-facebook-open-graph-tags/public/class-webdados-fb-open-graph-public.php on line 316
    PHP Fatal error:  Uncaught TypeError: trim(): Argument #1 ($string) must be of type string, WP_Error given in /var/www/html/wp-content/plugins/wonderm00ns-simple-facebook-open-graph-tags/public/class-webdados-fb-open-graph-public.php:651
    Stack trace:
     #0 /var/www/html/wp-content/plugins/wonderm00ns-simple-facebook-open-graph-tags/public/class-webdados-fb-open-graph-public.php(651): trim()
     #1 /var/www/html/wp-includes/class-wp-hook.php(324): Webdados_FB_Public->insert_meta_tags()
     #2 /var/www/html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()
     #3 /var/www/html/wp-includes/plugin.php(517): WP_Hook->do_action()
     #4 /var/www/html/wp-includes/general-template.php(3192): do_action()
     #5 /var/www/html/wp-includes/template-canvas.php(17): wp_head()
     #6 /var/www/html/wp-includes/template-loader.php(106): include('...')
     #7 /var/www/html/wp-blog-header.php(19): require_once('...')
     #8 /var/www/html/index.php(17): require('...')
     #9 {main}
      thrown in /var/www/html/wp-content/plugins/wonderm00ns-simple-facebook-open-graph-tags/public/class-webdados-fb-open-graph-public.php on line 651

    Note that we’re not generating these links ourselves, but I am seeing fatal errors in the logs by attackers constructing web queries, presumably attempting to trigger bugs.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Support Muhammad Usama Azad

    (@usamaazad99)

    4 months, 2 weeks ago

    Hi @leedxw ,

    I hope you’re doing well.

    Thank you for contacting the WP Experts Support Team. I am happy to assist you today.

    I’ve forwarded your query to our Technical Team and will keep you informed once we receive any updates.

    Thanks for your patience.

    Warm regards,
    WP Experts Support Team

    Plugin Support Muhammad Usama Azad

    (@usamaazad99)

    4 months, 2 weeks ago

    Hi @leedxw ,

    I hope you are doing well,

    I appreciate your patience. Could you please share your WordPress and PHP version? This will help us to reproduce the issue and provide you with further assistance.

    Looking forward to your response.

    Thanks & Regards,
    WP Experts Support Team

    Thread Starter leedxw

    (@leedxw)

    4 months, 2 weeks ago

    wordpress 6.8.2

    php 8.3.6

    Plugin Support Muhammad Usama Azad

    (@usamaazad99)

    4 months, 1 week ago

    Hi @leedxw ,

    I hope you are doing well,

    Thank you for providing the details. We will look into this issue in our environment and get back to you soon.

    I appreciate your patience.

    Warm regards,
    WP Experts Support Team

    Plugin Support Muhammad Usama Azad

    (@usamaazad99)

    4 months, 1 week ago

    Hi @leedxw ,

    I hope you are doing well.

    Thanks for your patience! We’ve made some changes to the code. Please download the beta version from the link below and check if the issue is fixed:

    Beta Version Download Link

    After testing, let us know if everything works fine. Your feedback is really helpful to us.

    We are looking forward to your response.

    Best regards,
    WP Experts Support Team

    Plugin Support Muhammad Usama Azad

    (@usamaazad99)

    4 months ago

    Hi @leedxw ,

    I hope you’re doing well!

    I wanted to follow up on the updated plugin we provided. Have you had a chance to install it? Your feedback would be greatly appreciated.

    Hope to hear from you soon.

    Best regards,
    WP Experts Support Team

    Plugin Support Muhammad Usama Azad

    (@usamaazad99)

    4 months ago

    Hi @leedxw ,

    I hope you’re doing well!

    I wanted to follow up on the updated plugin we sent you. Could you confirm whether you’ve had a chance to install it? Your feedback would be very helpful.

    Once we hear from you, we will plan to release this to other users.

    Looking forward to your response.

    Best regards,
    WP Experts Support Team

    Plugin Support Muhammad Usama Azad

    (@usamaazad99)

    3 months, 3 weeks ago

    Hi,

    I hope you are doing well,

    We are marking this thread as resolved due to inactivity. If you encounter any further issues, please feel free to open a new thread.

    Have a great day!

Viewing 8 replies - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.