
Changeset 3048698


Timestamp:
03/10/2024 06:44:56 PM (2 years ago)
Author:
evgenyviner
Message:

Corrected security vulnerabilities.

Location:
demo-awesome/trunk
Files:
4 edited

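--- a/demo-awesome/trunk/README.txt
+++ b/demo-awesome/trunk/README.txt
@@ -3,5 +3,5 @@
 Tags: theme4press, data importer, one-click demo import, theme demo, demos, importer, theme4press demo
 Requires at least: 4.7
-Tested up to: 6.3
+Tested up to: 6.4.3
 Requires PHP: 7.0
 Stable tag: trunk
@@ -49,4 +49,7 @@
 == Changelog ==
 
+= 1.0.2 =
+* Fixed some security vulnerablities
+
 = 1.0.1 =
 * Corrected a bug, which caused the message "Missing plugins" to appear, when all required plugins are actually installed.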
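--- a/demo-awesome/trunk/demo-awesome.php
+++ b/demo-awesome/trunk/demo-awesome.php
@@ -10,5 +10,5 @@
  * Plugin URI:        https://theme4press.com/demo-awesome-the-data-importer/
  * Description:       Import the Theme4Press theme demo content including theme settings, menus, widgets, sliders, and much more with just one click. Awesome!
- * Version:           1.0.1
+ * Version:           1.0.2
  * Author:            Theme4Press
  * Author URI:        https://theme4press.com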
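--- a/demo-awesome/trunk/inc/admin/class-demo-awesome-admin.php
+++ b/demo-awesome/trunk/inc/admin/class-demo-awesome-admin.php
@@ -202,4 +202,5 @@
             }
         }
+       
 
         /**
@@ -208,6 +209,30 @@
         function call_import_function_from_ajax()
         {
-
-            $data_demo = isset($_REQUEST['data_demo']) ? $_REQUEST['data_demo'] : array();
+            if ( !current_user_can('manage_options') ) {
+                wp_die('You do not have sufficient permissions to access this feature.');
+            }       
+            $data_demo_raw = isset($_REQUEST['data_demo']) ? $_REQUEST['data_demo'] : array();
+            $data_demo = array();
+
+            //TODO (EvgenyViner): Look for a more elegant way to sanitize the data
+
+            if (is_array($data_demo_raw)) {
+                foreach($data_demo_raw as $key => $item) {
+                    if(is_array($data_demo_raw[$key])) {
+                        foreach($data_demo_raw[$key] as $key2 => $item2) {
+                            if(is_array($data_demo_raw[$key][$key2])) {
+                                foreach($data_demo_raw[$key][$key2] as $key3 => $item3) {
+                                    $data_demo[$key][$key2][$key3] = esc_attr($item3);
+                                }
+                            }
+                            else $data_demo[$key][$key2] = esc_attr($item2);
+                        }
+                    }
+                    else $data_demo[$key] = esc_attr($item);
+                }
+            }
+                else {
+                    $data_demo = htmlspecialchars((string)$data_demo_raw, ENT_QUOTES, 'UTF-8');
+                }
 
             $template_name = isset($data_demo['folder_path']) ? $data_demo['folder_path'] : '';
@@ -317,5 +342,28 @@
             // Include the required plugins list
             require dirname(__FILE__).'/required-plugins.php';
-            $data_demo = isset($_REQUEST['data_demo']) ? $_REQUEST['data_demo'] : array();
+            $data_demo_raw = isset($_REQUEST['data_demo']) ? $_REQUEST['data_demo'] : array();
+            $data_demo = array();
+           
+            //TODO (EvgenyViner): Look for a more elegant way to sanitize the data
+
+            if (is_array($data_demo_raw)) {
+                foreach($data_demo_raw as $key => $item) {
+                    if(is_array($data_demo_raw[$key])) {
+                        foreach($data_demo_raw[$key] as $key2 => $item2) {
+                            if(is_array($data_demo_raw[$key][$key2])) {
+                                foreach($data_demo_raw[$key][$key2] as $key3 => $item3) {
+                                    $data_demo[$key][$key2][$key3] = esc_attr($item3);
+                                }
+                            }
+                            else $data_demo[$key][$key2] = esc_attr($item2);
+                        }
+                    }
+                    else $data_demo[$key] = esc_attr($item);
+                }
+            }
+                else {
+                    $data_demo = htmlspecialchars((string)$data_demo_raw, ENT_QUOTES, 'UTF-8');
+                }
+           
             demo_awesome_required_plugins($data_demo);
             wp_die(); // this is required to terminate immediately and return a proper response
@@ -371,4 +419,5 @@
 
             }
+
             $all_plugins = apply_filters('all_plugins', get_plugins());
 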
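Review bot: The capability check added at the top of call_import_function_from_ajax (new line 211) has no nonce verification beside it, so the AJAX action still runs for a logged-in administrator whose browser is made to issue the request from another site; add `check_ajax_referer( '<action-name>', '<nonce-field>' );` (placeholders — use the action and field name the enqueued script already sends) before the `current_user_can` guard. The second handler (hunk 317-369) receives the same sanitizing block but no capability or nonce check is visible in it, and that function's opening lies outside the hunk, so confirm the guard is present at its start. esc_attr() is an HTML-output escaper that leaves `.`, `/` and `\` intact, so `$data_demo['folder_path']` (line 238) is not constrained as a path segment; if it ends up in a filesystem path, validate it against the set of bundled demo folders or at least pass it through sanitize_file_name(). The three-level loop is duplicated verbatim in both handlers, cannot handle anything nested deeper, and carries stray trailing whitespace on lines 213, 346 and 367; a private helper such as `return is_array($raw) ? map_deep($raw, 'esc_attr') : htmlspecialchars((string) $raw, ENT_QUOTES, 'UTF-8');` removes the copy and the depth limit in one place.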
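--- a/demo-awesome/trunk/inc/admin/required-plugins.php
+++ b/demo-awesome/trunk/inc/admin/required-plugins.php
@@ -127,4 +127,6 @@
                                             $plugin['disable_description']
                                         );
+                                     //   var_dump($plugin);
+                                        $plugin['slug'] =  isset( $plugin['slug']{1} ) ? $plugin['slug'] : $plugin['keyword'];
                                         $premium_plugin = sprintf(
                                             '<a class="button evole-install-plugin button-proceed" target="_blank"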
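Review bot: The curly-brace string offset on new line 130, `$plugin['slug']{1}`, is deprecated syntax in PHP 7.4 and a parse error from PHP 8.0, so this file fails to load on any PHP 8 site even though the README keeps "Requires PHP: 7.0"; write it as `$plugin['slug'] = isset( $plugin['slug'][1] ) ? $plugin['slug'] : $plugin['keyword'];`. Note that `isset( ...[1] )` is true only when the slug is at least two characters long, which reads like a proxy for "non-empty"; if that is the intent, `! empty( $plugin['slug'] )` says so directly. The commented-out `var_dump` on line 129 should be deleted rather than committed.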