Closed milesimarco closed 1 year ago
Thanks for the suggestion but the proposed solution - a mere check for the presence of $_POST['mailpoet']
- would in fact open up an attack vector which would allow to circumvent the protection mechanism, so this would not be viable.
A possible solution could also be based on the groups_post_access_posts_where_apply
filter which is applied in the same function before the suggested code bit. This could be done in a separate plugin that implements the filter in a secure way.
If you would like to explore a solution based on the filter as suggested and would like to share your approach, please feel free to do so.
Added exception for Mailpoet to fix a bug causing no post to appear in the newsletter search box