Changeset 3281954
- Timestamp:
- 04/25/2025 02:22:44 PM (8 months ago)
- Location:
- bp-messages-tool/trunk
- Files:
-
- 3 edited
-
loader.php (modified) (1 diff)
-
readme.txt (modified) (2 diffs)
-
templates/bpmt-messages-loop.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
bp-messages-tool/trunk/loader.php
r2353122 r3281954 4 4 Plugin URI: https://www.philopress.com 5 5 Description: View Messages for any BuddyPress member via wp-admin screen Tools > BP Messages 6 Version: 2. 26 Version: 2.3 7 7 Author: PhiloPress 8 8 Author URI: https://www.philopress.com/ -
bp-messages-tool/trunk/readme.txt
r2353122 r3281954 6 6 Plugin URI: https://philopress.com/ 7 7 Requires at least: WP 4.0 8 Tested up to: 5.49 Stable tag: 2. 28 Tested up to: 6.8 9 Stable tag: 2.3 10 10 License: GPLv2 or later 11 11 … … 44 44 45 45 == Changelog == 46 47 = 2.3 = 48 * fix XSS vulnerability 46 49 47 50 = 2.2 = -
bp-messages-tool/trunk/templates/bpmt-messages-loop.php
r2101672 r3281954 12 12 $bpmt_get_member = '&user_id=' . $bpmt_user_data->ID; 13 13 else 14 $bpmt_get_member = '&user_id=' . $_GET['user'];14 $bpmt_get_member = '&user_id=' . intval( sanitize_text_field( $_GET['user'] ) ); 15 15 16 16 17 if( isset( $_GET['mpage'] ) ) 18 $bpmt_get_member .= '&mpage=' . $_GET['mpage']; 17 if( isset( $_GET['mpage'] ) ) { 18 19 $mpage = intval( sanitize_text_field( $_GET['mpage'] ) ); 20 21 $bpmt_get_member .= '&mpage=' . $mpage; 22 23 } 19 24 20 25 $bpmt_get_member .= '&box=' . $bpmt_user_data->box;
Note: See TracChangeset
for help on using the changeset viewer.