WordPress.org
Get WordPress

Plugin Directory

Changeset 1642514


Ignore:
Timestamp:
04/21/2017 03:23:28 PM (8 years ago)
Author:
stormrockwell
Message:

fixed bug where unpatched vulnerabilities wouldn't alert the user

Location:
vulnerable-plugin-checker/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • vulnerable-plugin-checker/trunk/readme.txt

    r1558465 r1642514  
    44Requires at least: 4.0
    55Tested up to: 4.7
    6 Stable tag: 0.3.9
     6Stable tag: 0.3.10
    77License: GPLv2
    88License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html
     
    4343
    4444== Changelog ==
     45
     46= 0.3.10 =
     47
     48- Fixed bug where unpatched vulnerabilities were ignored (thank you @pluginvulnerabilities for finding the bug)
    4549
    4650= 0.3.9 =

  • vulnerable-plugin-checker/trunk/todo.txt

    r1552788 r1642514  
    33check past plugin vulnerabilities
    44error message if email fails to send automatically
    5 Translate settings page title
     5translate settings page title
     6show only vulnerabilities that effect the current version installed
    67
    78check past vulnerabilities button while searching plugins

  • vulnerable-plugin-checker/trunk/vulnerable-plugin-checker.php

    r1558465 r1642514  
    151151                        // if plugin fix is greater than current version, assume it could be vulnerable
    152152                        $plugin['is_known_vulnerable'] = 'false';
    153                         if ( version_compare( $vulnerability['fixed_in'], $plugin['Version'] ) > 0 ) {         
     153                        if ( null == $vulnerability['fixed_in'] || version_compare( $vulnerability['fixed_in'], $plugin['Version'] ) > 0 ) {           
    154154                            $plugin['is_known_vulnerable'] = 'true';
    155155                        }
     
    188188                    // if plugin fix is greater than current version, assume it could be vulnerable
    189189                    $plugin['is_known_vulnerable'] = 'false';
    190                     if ( version_compare( $vulnerability->fixed_in, $plugin['Version'] ) > 0 ) {           
     190                    if ( null == $vulnerability->fixed_in || version_compare( $vulnerability->fixed_in, $plugin['Version'] ) > 0 ) {           
    191191                        $plugin['is_known_vulnerable'] = 'true';
    192192                    }
Note: See TracChangeset for help on using the changeset viewer.