Plugin Directory

Changeset 3124882


Timestamp:
07/25/2024 12:41:19 AM (19 months ago)
Author:
123host
Message:

Fix XSS vulnerability

Location:
speakout/trunk
Files:
3 edited

  • speakout/trunk/includes/emailpetition.php

    r2987748 r3124882  
    139139            $progress_width = ( $options[ 'petition_theme' ] == 'basic' ) ? 300 : 200; // defaults
    140140            $progress_width = isset( $attr[ 'progresswidth' ] ) ? $attr[ 'progresswidth' ] : $progress_width;
     141           
     142            // Function to detect potential JavaScript in shorcode
     143            function contains_js($input) {
     144                $pattern = '/(javascript|on\w+|<script|<\/script|<\?|<\w+[^>]*\s*on\w+\s*=\s*["\']?[^>"\']+["\']?)/i';
     145                return preg_match($pattern, $input);
     146            }
     147
     148            // Validate and sanitize shortcode attributes
     149            if (isset( $attr['width']) && contains_js($attr['width']) ||
     150                isset( $attr['height']) && contains_js($attr['height']) ||
     151                isset( $attr['css_classes']) && contains_js($attr['css_classes']  ) ||
     152                isset( $attr['progresswidth']) && contains_js($attr['progresswidth'])) {
     153                // Handle potential injection attempt
     154                die('Invalid javascript detected in shortcode');
     155            }
    141156
    142157            if ( !$expired ) {
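Review bot: this hunk detects rather than sanitizes, and a regex denylist followed by `die()` is the wrong shape for a shortcode-attribute fix. The four attributes it inspects are a width, a height, a progress width and a list of CSS classes, so coerce them to what they are (`absint()` for the three numeric values, `sanitize_html_class()` per token for `css_classes`) and pass them through `esc_attr()` at the point where they are echoed; that closes the injection regardless of what the input looks like. Three concrete problems with the version as written: (1) `function contains_js($input)` is declared inside what the indentation and the use of `$attr` show to be the shortcode callback, so PHP defines it globally on the first call and any page that renders the shortcode a second time fails with "Cannot redeclare function contains_js()"; move it to file scope or guard it with `if ( ! function_exists( 'contains_js' ) )`. (2) The alternation `on\w+` matches any value containing the letters "on" followed by a word character, so legitimate class names such as `confirmation` or `front-page` are rejected as JavaScript. (3) `die('Invalid javascript detected in shortcode')` aborts rendering of the whole page on any match instead of dropping or defaulting the one offending attribute; if aborting is really intended, `wp_die()` is the WordPress convention. Minor: the condition mixes `&&` and `||` without parentheses; it is correct under PHP precedence, but wrapping each `isset(...) && contains_js(...)` pair in parentheses makes that obvious to the next reader.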
  • speakout/trunk/readme.txt

    r3112801 r3124882  
    55Tested up to: 6.5
    66Requires PHP: 7.4
    7 Stable tag: 4.3.6
     7Stable tag: 4.4.0
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    2222
    2323== Changelog ==
     24
     25== 4.4.0 ==
     26
     27* bug fix: fixed XSS vulnerability in specially crafter shortcode - thanks Darius S. @ patchstack.com
    2428
    2529== 4.3.6 ==
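Review bot: typo in the new 4.4.0 changelog entry: "specially crafter shortcode" should read "specially crafted shortcode". It would also help site owners to state which shortcode attributes were affected (width, height, css_classes, progresswidth) and which versions are vulnerable, so they can judge how urgently to update.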
  • speakout/trunk/speakout-email-petitions.php

    r3112801 r3124882  
    1616License URI: https://www.gnu.org/licenses/gpl-2.0.html
    1717
    18 Version: 4.3.6
     18Version: 4.4.0
    1919
    2020{Plugin Name} is free software: you can redistribute it and/or modify
     
    3434$db_petitions  = $wpdb->prefix . 'dk_speakout_petitions';
    3535$db_signatures = $wpdb->prefix . 'dk_speakout_signatures';
    36 $dk_speakout_version = '4.3.6';
     36$dk_speakout_version = '4.4.0';
    3737
    3838// enable localizations