search

GravityKit / GravityView

The best and easiest way to display Gravity Forms entries on your website.
https://www.gravitykit.com/products/gravityview/
245 stars 62 forks source link

Unable to search for users in the "Change Entry Creator" select field (since GV 2.30) #2190

Closed bennemann closed 3 weeks ago

bennemann commented 3 weeks ago

When attempting to search for users in the "Change Entry Creator" select field, the AJAX request always produces an empty response, resulting in this message: "The results could not be loaded":

image

Steps to Reproduce:

  1. Edit any entry in the Gravity Forms interface.
  2. Attempt to search for a user in the "Change Entry Creator" select field.

I think this issue was introduced in commit 24f875b.

The wp_kses function is stripping out the hidden <input> field that contains the nonce used for the AJAX request.

As a result, the nonce verification fails, causing the request to die into an empty response.

bennemann commented 3 weeks ago

https://secure.helpscout.net/conversation/2752925566/58624

bennemann commented 3 weeks ago

https://secure.helpscout.net/conversation/2748265455/58435/

bennemann commented 3 weeks ago

https://secure.helpscout.net/conversation/2753414571/58643

rafaehlers commented 3 weeks ago

Customers were notified of the fix in GV 2.31 ✅