WordPress.org
Get WordPress

Plugin Directory

Changeset 3302588


Ignore:
Timestamp:
05/29/2025 03:02:57 AM (7 months ago)
Author:
ninjateam
Message:

Version 1.2

Location:
ninjateam-telegram/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • ninjateam-telegram/trunk/blocks/src/init.php

    r2508342 r3302588  
    122122        $btn_icon_or_image = '';
    123123        if (empty($attributes['imageUrl'])) {
    124             $btn_icon_or_image = '<div class="tele__btn_icon"><img src="' . NTA_TELEGRAM_PLUGIN_URL . 'assets/img/telegram_logo.svg' . '" alt=' . $attributes['imageAlt'] . '/></div>';
     124            $btn_icon_or_image = '<div class="tele__btn_icon"><img src="' . esc_attr(NTA_TELEGRAM_PLUGIN_URL) . 'assets/img/telegram_logo.svg" alt="' . esc_attr($attributes['imageAlt']) . '"/></div>';
    125125        } else {
    126             $btn_icon_or_image = '<div class="tele__cs_img"><div class="tele__cs_img_wrap" style="background: url(' . $attributes['imageUrl'] . ') center center no-repeat; background-size: cover;"></div></div>';
     126            $btn_icon_or_image = '<div class="tele__cs_img"><div class="tele__cs_img_wrap" style="background: url(' . esc_attr($attributes['imageUrl']) . ') center center no-repeat; background-size: cover;"></div></div>';
    127127        }
    128128        $html = '';
    129129        $html .= '<div style="margin: 30px 0 30px;">';
    130         $html .= '<a target="_blank" href="https://t.me/' . $attributes['username'] . '" class="tele__button ' . $btnStyleClass . ' tele__stt_online ' . $avatarClass . '" style="background-color: ' . $attributes['buttonColor'] . '; color: ' . $attributes['textColor'] . '">';
    131         $html .= $btn_icon_or_image;
     130        $html .= '<a target="_blank" href="https://t.me/' . esc_attr($attributes['username']) . '" class="tele__button ' . esc_attr($btnStyleClass) . ' tele__stt_online ' . esc_attr($avatarClass) . '" style="background-color: ' . esc_attr($attributes['buttonColor']) . '; color: ' . esc_attr($attributes['textColor']) . '">';
     131        $html .= wp_kses_post($btn_icon_or_image);
    132132        $html .= '<div class="tele__btn_txt">';
    133133        if (!empty($attributes['buttonTitle'])) {
    134134            $html .= '<div class="tele__cs_info">';
    135             $html .= '<div class="tele__cs_name" style="color: ' . $attributes['textColor'] . '">' . $attributes['buttonTitle'] . '</div>';
     135            $html .= '<div class="tele__cs_name" style="color: ' . esc_attr($attributes['textColor']) . '">' . esc_html($attributes['buttonTitle']) . '</div>';
    136136            $html .= '<div class="tele__cs_status">Online</div></div>';
    137137        }
    138         $html .= '<div class="tele__btn_title">' . $attributes['buttonInfo'] . '</div></div></a></div>';
     138        $html .= '<div class="tele__btn_title">' . esc_html($attributes['buttonInfo']) . '</div></div></a></div>';
    139139        return $html;
    140140    }

  • ninjateam-telegram/trunk/readme.txt

    r3281367 r3302588  
    44Requires at least: 3.0
    55Tested up to: 6.8
    6 Stable tag: 1.1
     6Stable tag: 1.2
    77License: GPLv2 or later
    88License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    104104== Changelog ==
    105105
     106= May 29, 2025 - Version 1.2 =
     107- Fixed: Stored Cross-Site Scripting via Username Parameter
     108
    106109= Dec 18, 2024 - Version 1.1 =
    107110- Fixed: Security (Stored Cross-Site Scripting)

  • ninjateam-telegram/trunk/telegram.php

    r3209678 r3302588  
    55 * Plugin URI:        https://ninjateam.org/wordpress-telegram-chat
    66 * Description:       Integrate your Telegram experience directly into your website. This is one of the best way to connect and interact with your customer.
    7  * Version:           1.1
     7 * Version:           1.2
    88 * Author:            NinjaTeam
    99 * Author URI:        https://ninjateam.org
     
    1515defined( 'ABSPATH' ) || exit;
    1616
    17 define( 'NTA_TELEGRAM_VERSION', '1.1' );
     17define( 'NTA_TELEGRAM_VERSION', '1.2' );
    1818define( 'NTA_TELEGRAM_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
    1919define( 'NTA_TELEGRAM_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
     
    2121
    2222
    23 if ( file_exists( dirname( __FILE__ ) . '/includes/Review.php' ) ) {
    24     require_once dirname( __FILE__ ) . '/includes/Review.php';
     23if ( file_exists( __DIR__ . '/includes/Review.php' ) ) {
     24    require_once __DIR__ . '/includes/Review.php';
    2525}
    2626
Note: See TracChangeset for help on using the changeset viewer.