WordPress.org
Get WordPress

Plugin Directory

Changeset 3267956


Ignore:
Timestamp:
04/07/2025 02:38:06 PM (8 months ago)
Author:
JavierCasares
Message:

[4.0.4] - 2025-04-07

Added

  • Extra sanitizations.

Changed

  • Translation improvements.

Fixed

  • Plugin and translation load.

Compatibility

  • WordPress: 4.1 - 6.8
  • PHP: 5.6 - 8.4
  • WP-CLI: 2.3.0 - 2.11.0

Tests

  • PHP Coding Standards: 3.12.1
  • WordPress Coding Standards: 3.1.0
  • Plugin Check (PCP): 1.4.0
  • SonarCloud Code Review
Location:
wpvulnerability
Files:
61 added
5 edited

Legend:

Unmodified
Added
Removed

  • wpvulnerability/trunk/changelog.txt

    r3176714 r3267956  
    11== Changelog ==
     2
     3= [4.0.4] - 2025-04-07 =
     4
     5**Added**
     6
     7* Extra sanitizations.
     8
     9**Changed**
     10
     11* Translation improvements.
     12
     13**Fixed**
     14
     15* Plugin and translation load.
     16
     17**Compatibility**
     18
     19* WordPress: 4.1 - 6.8
     20* PHP: 5.6 - 8.4
     21* WP-CLI: 2.3.0 - 2.11.0
     22
     23**Tests**
     24
     25* PHP Coding Standards: 3.12.1
     26* WordPress Coding Standards: 3.1.0
     27* Plugin Check (PCP): 1.4.0
     28* SonarCloud Code Review
    229
    330= [4.0.3] - 2024-10-28 =

  • wpvulnerability/trunk/readme.txt

    r3176714 r3267956  
    33Tags: security, vulnerability, site-health
    44Requires at least: 4.1
    5 Tested up to: 6.7
    6 Stable tag: 4.0.3
     5Tested up to: 6.8
     6Stable tag: 4.0.4
    77Requires PHP: 5.6
    8 Version: 4.0.3
     8Version: 4.0.4
    99License: GPL-2.0-or-later
    1010License URI: https://spdx.org/licenses/GPL-2.0-or-later.html
     
    124124== Compatibility ==
    125125
    126 * WordPress: 4.1 - 6.7
     126* WordPress: 4.1 - 6.8
    127127* PHP: 5.6 - 8.4
    128128* WP-CLI: 2.3.0 - 2.11.0
    129129
    130130== Changelog ==
     131
     132= [4.0.4] - 2025-04-07 =
     133
     134**Added**
     135
     136* Extra sanitizations.
     137
     138**Changed**
     139
     140* Translation improvements.
     141
     142**Fixed**
     143
     144* Plugin and translation load.
     145
     146**Compatibility**
     147
     148* WordPress: 4.1 - 6.8
     149* PHP: 5.6 - 8.4
     150* WP-CLI: 2.3.0 - 2.11.0
     151
     152**Tests**
     153
     154* PHP Coding Standards: 3.12.1
     155* WordPress Coding Standards: 3.1.0
     156* Plugin Check (PCP): 1.4.0
     157* SonarCloud Code Review
    131158
    132159= [4.0.3] - 2024-10-28 =
     
    244271== Vulnerabilities ==
    245272
    246 * No vulnerabilities have been published up to version 4.0.2.
     273* No vulnerabilities have been published up to version 4.0.4.
    247274
    248275Found a security vulnerability? Please report it to us privately at the [WPVulnerability GitHub repository](https://github.com/javiercasares/wpvulnerability/security/advisories/new).

  • wpvulnerability/trunk/wpvulnerability-admin.php

    r3161036 r3267956  
    11451145
    11461146    if ( version_compare( get_bloginfo( 'version' ), '5.2', '>=' ) ) {
    1147         echo esc_html( __( 'More information? Visit', 'wpvulnerability' ) ) . ' <a href="' . esc_url( get_admin_url( null, 'site-health.php' ) ) . '">' . esc_html( __( 'Site Health' ) ) . '</a>';
     1147        echo esc_html( __( 'More information? Visit', 'wpvulnerability' ) ) . ' <a href="' . esc_url( get_admin_url( null, 'site-health.php' ) ) . '">' . esc_html( __( 'Site Health', 'wpvulnerability' ) ) . '</a>';
    11481148    }
    11491149

  • wpvulnerability/trunk/wpvulnerability-adminms.php

    r3161036 r3267956  
    12311231
    12321232    if ( version_compare( get_bloginfo( 'version' ), '5.2', '>=' ) ) {
    1233         echo esc_html( __( 'More information? Visit', 'wpvulnerability' ) ) . ' <a href="' . esc_url( get_admin_url( null, 'site-health.php' ) ) . '">' . esc_html( __( 'Site Health' ) ) . '</a>';
     1233        echo esc_html( __( 'More information? Visit', 'wpvulnerability' ) ) . ' <a href="' . esc_url( get_admin_url( null, 'site-health.php' ) ) . '">' . esc_html( __( 'Site Health', 'wpvulnerability' ) ) . '</a>';
    12341234    }
    12351235
     
    12611261
    12621262/**
     1263 * Sanitiza estrictamente la configuración principal (emails y periodos).
     1264 *
     1265 * @param array $input Valores de entrada.
     1266 * @return array Valores sanitizados.
     1267 */
     1268function wpvulnerability_sanitize_config( $input ) {
     1269    $sanitized = array();
     1270
     1271    // Emails (lista separada por comas).
     1272    if ( isset( $input['emails'] ) ) {
     1273        $emails_raw       = explode( ',', $input['emails'] );
     1274        $sanitized_emails = array();
     1275
     1276        foreach ( $emails_raw as $email ) {
     1277            $email = sanitize_email( trim( $email ) );
     1278            if ( is_email( $email ) ) {
     1279                $sanitized_emails[] = $email;
     1280            }
     1281        }
     1282
     1283        $sanitized['emails'] = implode( ',', $sanitized_emails );
     1284    }
     1285
     1286    // Period (daily, weekly, monthly).
     1287    $allowed_periods = array( 'daily', 'weekly', 'monthly' );
     1288    if ( isset( $input['period'] ) && in_array( $input['period'], $allowed_periods, true ) ) {
     1289        $sanitized['period'] = $input['period'];
     1290    } else {
     1291        $sanitized['period'] = 'weekly';
     1292    }
     1293
     1294    return $sanitized;
     1295}
     1296
     1297/**
     1298 * Sanitiza los mensajes generados por el plugin (mensajes simples).
     1299 *
     1300 * @param array $input Valores de entrada.
     1301 * @return array Valores sanitizados.
     1302 */
     1303function wpvulnerability_sanitize_messages( $input ) {
     1304    $sanitized = array();
     1305
     1306    foreach ( $input as $key => $message ) {
     1307        $sanitized[ sanitize_key( $key ) ] = sanitize_text_field( $message );
     1308    }
     1309
     1310    return $sanitized;
     1311}
     1312
     1313/**
     1314 * Sanitiza estrictamente las opciones de análisis (booleanos).
     1315 *
     1316 * @param array $input Valores de entrada.
     1317 * @return array Valores sanitizados.
     1318 */
     1319function wpvulnerability_sanitize_analyze( $input ) {
     1320    $components = array(
     1321        'core',
     1322        'plugins',
     1323        'themes',
     1324        'php',
     1325        'apache',
     1326        'nginx',
     1327        'mariadb',
     1328        'mysql',
     1329        'imagemagick',
     1330        'curl',
     1331        'memcached',
     1332        'redis',
     1333        'sqlite',
     1334    );
     1335
     1336    $sanitized = array();
     1337
     1338    foreach ( $components as $component ) {
     1339        $sanitized[ $component ] = isset( $input[ $component ] ) ? (bool) $input[ $component ] : false;
     1340    }
     1341
     1342    return $sanitized;
     1343}
     1344
     1345/**
    12631346 * Initializes the WP-Admin settings page for the WP Vulnerability plugin.
    12641347 *
     
    12721355    register_setting(
    12731356        'admin_wpvulnerability_settings',
    1274         'wpvulnerability-config'
     1357        'wpvulnerability-config',
     1358        array(
     1359            'sanitize_callback' => 'wpvulnerability_sanitize_config',
     1360            'default'           => array(),
     1361            'show_in_rest'      => false,
     1362            'type'              => 'array',
     1363        )
    12751364    );
    12761365
     
    12781367    register_setting(
    12791368        'admin_wpvulnerability_settings',
    1280         'wpvulnerability-messages'
     1369        'wpvulnerability-messages',
     1370        array(
     1371            'sanitize_callback' => 'wpvulnerability_sanitize_messages',
     1372            'default'           => array(),
     1373            'show_in_rest'      => false,
     1374            'type'              => 'array',
     1375        )
    12811376    );
    12821377
     
    13101405    register_setting(
    13111406        'admin_wpvulnerability_analyze',
    1312         'wpvulnerability-analyze'
     1407        'wpvulnerability-analyze',
     1408        array(
     1409            'sanitize_callback' => 'wpvulnerability_sanitize_analyze',
     1410            'default'           => array(),
     1411            'show_in_rest'      => false,
     1412            'type'              => 'array',
     1413        )
    13131414    );
    13141415

  • wpvulnerability/trunk/wpvulnerability.php

    r3176714 r3267956  
    66 * Requires at least: 4.1
    77 * Requires PHP: 5.6
    8  * Version: 4.0.3
     8 * Version: 4.0.4
    99 * Author: Javier Casares
    1010 * Author URI: https://www.javiercasares.com/
     
    2424 * Set some constants that I can change in future versions.
    2525 */
    26 define( 'WPVULNERABILITY_PLUGIN_VERSION', '4.0.3' );
     26define( 'WPVULNERABILITY_PLUGIN_VERSION', '4.0.4' );
    2727define( 'WPVULNERABILITY_API_HOST', 'https://www.wpvulnerability.net/' );
    2828define( 'WPVULNERABILITY_CACHE_HOURS', 12 );
     
    5050     */
    5151    load_plugin_textdomain( 'wpvulnerability', false, dirname( WPVULNERABILITY_PLUGIN_BASE ) . '/languages' );
     52
    5253    wpvulnerability_activation();
    5354
     
    108109    register_deactivation_hook( WPVULNERABILITY_PLUGIN_FILE, 'wpvulnerability_deactivation' );
    109110    register_uninstall_hook( WPVULNERABILITY_PLUGIN_FILE, 'wpvulnerability_uninstall' );
    110     add_action( 'plugins_loaded', 'wpvulnerability_plugin_init' );
     111    add_action( 'init', 'wpvulnerability_plugin_init' );
    111112}
    112113
Note: See TracChangeset for help on using the changeset viewer.