
Changeset 2712645


Timestamp:
04/21/2022 08:55:15 AM (4 years ago)
Author:
husobj
Message:

Version 3.4.1

Location:
wp-subtitle/trunk
Files:
5 edited

  • wp-subtitle/trunk/CHANGELOG.md

    r2240907 r2712645  
    33This project adheres to [Semantic Versioning](http://semver.org/).
    44
     5## [3.4.1] - 2022-04-21
     6
     7### Security
     8- Resolve XSS issue by improving sanitization when saving subtitle custom field.
     9
    510## [3.4] - 2020-01-31
     11
     12### Changed
     13- Pass the current post object to the `wps_subtitle_field_placeholder` filter. Props [Dominik Schilling](https://github.com/ocean90).
    614
    715### Added
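
Review bot: The new "### Changed" entry at new lines 12-13 sits under the `## [3.4] - 2020-01-31` heading, but the code that passes `$post` to `wps_subtitle_field_placeholder` is part of this changeset, and readme.txt lists the same item under `= 3.4.1 =`. Move the entry into the `## [3.4.1] - 2022-04-21` section so both changelogs attribute it to the same release.
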
  • wp-subtitle/trunk/README.md

    r2240907 r2712645  
    141141--------------
    142142
     143### 3.4.1
     144Resolve XSS issue by improving sanitization when saving subtitle custom field.
     145
    143146### 3.4
    144147Added support for the SEOPress plugin and updating the subtitle via the REST API.
  • wp-subtitle/trunk/plugin/admin/admin.php

    r2240907 r2712645  
    2828        add_filter( '_wp_post_revision_fields', array( 'WPSubtitle_Admin', '_wp_post_revision_fields' ), 9 );
    2929        add_action( 'wp_restore_post_revision', array( 'WPSubtitle_Admin', 'wp_restore_post_revision' ), 10, 2 );
     30
     31        add_filter( 'sanitize_post_meta_wps_subtitle', array( 'WPSubtitle_Admin', 'sanitize_subtitle_value' ) );
    3032
    3133    }
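
Review bot: The `sanitize_post_meta_wps_subtitle` hook added at new line 31 only runs when the meta value is written, so subtitles stored before 3.4.1 stay in the database unsanitized until each post is saved again. Since the changelog describes this as the XSS fix, confirm that every place the subtitle is printed also escapes or filters the stored value, or add an upgrade routine that re-saves existing `wps_subtitle` values through the new callback. A short comment above the `add_filter()` call saying that it covers all writes of this meta key would also help the next reader.
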
     
    315317        // As of WordPress 4.3 no need to esc_attr() AND htmlentities().
    316318        // @see  https://core.trac.wordpress.org/changeset/33271
    317         echo '<input type="text" id="wpsubtitle" name="wps_subtitle" value="' . esc_attr( $value ) . '" autocomplete="off" placeholder="' . esc_attr( apply_filters( 'wps_subtitle_field_placeholder', __( 'Enter subtitle here', 'wp-subtitle' ) ) ) . '" style="width:99%;" />';
     319        echo '<input type="text" id="wpsubtitle" name="wps_subtitle" value="' . esc_attr( $value ) . '" autocomplete="off" placeholder="' . esc_attr( apply_filters( 'wps_subtitle_field_placeholder', __( 'Enter subtitle here', 'wp-subtitle' ), $post ) ) . '" style="width:99%;" />';
    318320
    319321        echo apply_filters( 'wps_subtitle_field_description', '', $post );
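
Review bot: The extra `$post` argument to `wps_subtitle_field_placeholder` on new line 319 is not documented at the call site; the two comment lines above it only cover the `esc_attr()` decision. Add a short docblock for the filter that lists the default placeholder string and the post object as parameters, so callbacks know to register with two accepted arguments, as already applies to `wps_subtitle_field_description` two lines below.
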
     
    342344        // As of WordPress 4.3 no need to esc_attr() AND htmlentities().
    343345        // @see  https://core.trac.wordpress.org/changeset/33271
    344         echo '<input type="text" id="wpsubtitle" name="wps_subtitle" value="' . esc_attr( $value ) . '" autocomplete="off" placeholder="' . esc_attr( apply_filters( 'wps_subtitle_field_placeholder', __( 'Enter subtitle here', 'wp-subtitle' ) ) ) . '" />';
     346        echo '<input type="text" id="wpsubtitle" name="wps_subtitle" value="' . esc_attr( $value ) . '" autocomplete="off" placeholder="' . esc_attr( apply_filters( 'wps_subtitle_field_placeholder', __( 'Enter subtitle here', 'wp-subtitle' ), $post ) ) . '" />';
    345347
    346348        echo '</div>';
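
Review bot: On new line 346 `$post` is passed to the filter, but nothing in the visible context of this method shows it being defined, unlike the hunk at 319-321 where the following `apply_filters( 'wps_subtitle_field_description', '', $post )` already uses it. Confirm that `$post` is a parameter or is fetched earlier in this method; otherwise callbacks receive null and PHP raises an undefined variable notice. This line is also a near copy of line 319 apart from the `style` attribute, so a small shared helper that builds the input would keep the two from drifting apart.
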
     
    520522    }
    521523
     524    public static function sanitize_subtitle_value( $value ) {
     525
     526        return wp_kses( $value, wp_kses_allowed_html( 'data' ) );
     527
     528    }
     529
    522530}
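
Review bot: `sanitize_subtitle_value()` at new lines 524-528 has no docblock and hands `$value` to `wp_kses()` without checking its type. Document that the `'data'` context intentionally keeps a small set of inline tags rather than stripping all markup, and return an empty string (or cast) when `$value` is not a string, since the meta sanitize filter can receive arrays or other types. Because some HTML still passes through by design, attribute contexts must keep using `esc_attr()` as the input fields above do.
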
  • wp-subtitle/trunk/readme.txt

    r2240907 r2712645  
    44Tags: subtitle, content, title, subheading, subhead, alternate title
    55Requires at least: 3.7
    6 Tested up to: 5.3.2
    7 Stable tag: 3.4
     6Tested up to: 5.9.3
     7Stable tag: 3.4.1
    88License: GPLv2
    99License URI: http://www.gnu.org/licenses/gpl-2.0.txt
     
    154154== Changelog ==
    155155
     156= 3.4.1 =
     157* Security: Resolve XSS issue by improving sanitization when saving subtitle custom field.
     158* Pass the current post object to the `wps_subtitle_field_placeholder` filter. Props [Dominik Schilling](https://github.com/ocean90).
     159
    156160= 3.4 =
    157161* Added support for the SEOPress plugin. Props @chriselkins.
     
    255259== Upgrade Notice ==
    256260
     261= 3.4.1 =
     262Resolve XSS issue by improving sanitization when saving subtitle custom field.
     263
    257264= 3.4 =
    258265Added support for the SEOPress plugin and updating the subtitle via the REST API.
  • wp-subtitle/trunk/wp-subtitle.php

    r2240907 r2712645  
    55Plugin URI: http://wordpress.org/plugins/wp-subtitle/
    66Description: Adds a subtitle field to pages and posts. Possible to add support for custom post types.
    7 Version: 3.4
     7Version: 3.4.1
    88Author: Ben Huson, Husani Oakley
    99Author URI: https://github.com/benhuson/wp-subtitle