WordPress.org
Get WordPress

Plugin Directory

Changeset 3397751


Ignore:
Timestamp:
11/18/2025 06:02:21 AM (4 months ago)
Author:
labs64
Message:

Update to version 0.10.2 from GitHub

Location:
pluginpass-pro-plugintheme-licensing
Files:
12 edited
1 copied

Legend:

Unmodified
Added
Removed

  • pluginpass-pro-plugintheme-licensing/tags/0.10.2/README.txt

    r3397102 r3397751  
    88Tested up to: 6.8
    99Requires PHP: 8.2
    10 Stable tag: 0.10.1
     10Stable tag: 0.10.2
    1111License: GPLv2 or later
    1212License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    121121== Changelog ==
    122122
     123= 0.10.2 =
     124* Fix: Harden file read operations against path traversal attacks
     125
    123126= 0.10.1 =
    124127* This release reactivates the PluginPass plugin with major security updates and modernization. The update addresses critical security vulnerabilities and ensures compatibility with modern WordPress and PHP versions.

  • pluginpass-pro-plugintheme-licensing/tags/0.10.2/composer.lock

    r3397102 r3397751  
    698698        {
    699699            "name": "phpcsstandards/phpcsutils",
    700             "version": "1.2.0",
     700            "version": "1.2.1",
    701701            "source": {
    702702                "type": "git",
    703703                "url": "https://github.com/PHPCSStandards/PHPCSUtils.git",
    704                 "reference": "fa82d14ad1c1713224a52c66c78478145fe454ba"
    705             },
    706             "dist": {
    707                 "type": "zip",
    708                 "url": "https://api.github.com/repos/PHPCSStandards/PHPCSUtils/zipball/fa82d14ad1c1713224a52c66c78478145fe454ba",
    709                 "reference": "fa82d14ad1c1713224a52c66c78478145fe454ba",
     704                "reference": "d71128c702c180ca3b27c761b6773f883394f162"
     705            },
     706            "dist": {
     707                "type": "zip",
     708                "url": "https://api.github.com/repos/PHPCSStandards/PHPCSUtils/zipball/d71128c702c180ca3b27c761b6773f883394f162",
     709                "reference": "d71128c702c180ca3b27c761b6773f883394f162",
    710710                "shasum": ""
    711711            },
     
    787787                }
    788788            ],
    789             "time": "2025-11-11T00:17:56+00:00"
     789            "time": "2025-11-17T12:58:33+00:00"
    790790        },
    791791        {

  • pluginpass-pro-plugintheme-licensing/tags/0.10.2/constants.php

    r3397102 r3397751  
    1212if ( ! defined( NS . 'PLUGIN_VERSION' ) ) {
    1313    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.VariableConstantNameFound -- Constants are namespace-prefixed via NS
    14     define( NS . 'PLUGIN_VERSION', '0.10.1' );
     14    define( NS . 'PLUGIN_VERSION', '0.10.2' );
    1515}
    1616

  • pluginpass-pro-plugintheme-licensing/tags/0.10.2/inc/libraries/autoloader.php

    r3397102 r3397751  
    2424
    2525        // If the specified $class_name does not include our namespace, duck out.
    26         if ( false === strpos( $class_name, 'PluginPass' ) ) {
     26        if ( 0 !== strpos( $class_name, 'PluginPass\\' ) ) {
    2727                return;
    2828        }
     
    3030        // Skip the main PluginPass class as it's defined in the main plugin file.
    3131        if ( 'PluginPass\\PluginPass' === $class_name ) {
     32            return;
     33        }
     34
     35        // Security: Prevent directory traversal attacks.
     36        if ( strpos( $class_name, '..' ) !== false || strpos( $class_name, "\0" ) !== false ) {
    3237            return;
    3338        }
     
    7075
    7176        // Now build a path to the file using mapping to the file location.
    72         $filepath  = trailingslashit( untrailingslashit( plugin_dir_path( dirname( __DIR__ ) ) ) . $namespace );
     77        $base_dir  = plugin_dir_path( dirname( __DIR__ ) );
     78        $filepath  = trailingslashit( untrailingslashit( $base_dir ) . $namespace );
    7379        $filepath .= $file_name;
    7480
    75         // If the file exists in the specified path, then include it.
    76         if ( file_exists( $filepath ) ) {
    77                 include_once $filepath;
     81        // Security: Validate the resolved file path is within the plugin directory.
     82        $real_base = realpath( $base_dir );
     83        $real_file = realpath( $filepath );
     84
     85        // If the file exists and is within our plugin directory, include it.
     86        if ( $real_file && $real_base && 0 === strpos( $real_file, $real_base ) && file_exists( $real_file ) ) {
     87                include_once $real_file;
    7888        } else {
    7989            wp_die(

  • pluginpass-pro-plugintheme-licensing/tags/0.10.2/pluginpass.php

    r3397102 r3397751  
    1616 * Plugin URI:        https://wordpress.org/plugins/pluginpass-pro-plugintheme-licensing/
    1717 * Description:       Easily control the use and monetize your WordPress plugins and themes using PluginPass - a WordPress License Manager backed by Labs64 NetLicensing.
    18  * Version:           0.10.1
     18 * Version:           0.10.2
    1919 * Author:            Labs64
    2020 * Author URI:        https://netlicensing.io

  • pluginpass-pro-plugintheme-licensing/tags/0.10.2/vendor/composer/installed.php

    r3397102 r3397751  
    22    'root' => array(
    33        'name' => 'labs64/pluginpass',
    4         'pretty_version' => '0.10.1',
    5         'version' => '0.10.1.0',
    6         'reference' => 'bc2e8bc49550b1471fb852b6a7fc75cfc246ecc2',
     4        'pretty_version' => '0.10.2',
     5        'version' => '0.10.2.0',
     6        'reference' => 'c7f4f887574b5710986b84daefa5c5a8df8d1c1e',
    77        'type' => 'wordpress-plugin',
    88        'install_path' => __DIR__ . '/../../',
     
    3030        ),
    3131        'labs64/pluginpass' => array(
    32             'pretty_version' => '0.10.1',
    33             'version' => '0.10.1.0',
    34             'reference' => 'bc2e8bc49550b1471fb852b6a7fc75cfc246ecc2',
     32            'pretty_version' => '0.10.2',
     33            'version' => '0.10.2.0',
     34            'reference' => 'c7f4f887574b5710986b84daefa5c5a8df8d1c1e',
    3535            'type' => 'wordpress-plugin',
    3636            'install_path' => __DIR__ . '/../../',

  • pluginpass-pro-plugintheme-licensing/trunk/README.txt

    r3397102 r3397751  
    88Tested up to: 6.8
    99Requires PHP: 8.2
    10 Stable tag: 0.10.1
     10Stable tag: 0.10.2
    1111License: GPLv2 or later
    1212License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    121121== Changelog ==
    122122
     123= 0.10.2 =
     124* Fix: Harden file read operations against path traversal attacks
     125
    123126= 0.10.1 =
    124127* This release reactivates the PluginPass plugin with major security updates and modernization. The update addresses critical security vulnerabilities and ensures compatibility with modern WordPress and PHP versions.

  • pluginpass-pro-plugintheme-licensing/trunk/composer.lock

    r3397102 r3397751  
    698698        {
    699699            "name": "phpcsstandards/phpcsutils",
    700             "version": "1.2.0",
     700            "version": "1.2.1",
    701701            "source": {
    702702                "type": "git",
    703703                "url": "https://github.com/PHPCSStandards/PHPCSUtils.git",
    704                 "reference": "fa82d14ad1c1713224a52c66c78478145fe454ba"
    705             },
    706             "dist": {
    707                 "type": "zip",
    708                 "url": "https://api.github.com/repos/PHPCSStandards/PHPCSUtils/zipball/fa82d14ad1c1713224a52c66c78478145fe454ba",
    709                 "reference": "fa82d14ad1c1713224a52c66c78478145fe454ba",
     704                "reference": "d71128c702c180ca3b27c761b6773f883394f162"
     705            },
     706            "dist": {
     707                "type": "zip",
     708                "url": "https://api.github.com/repos/PHPCSStandards/PHPCSUtils/zipball/d71128c702c180ca3b27c761b6773f883394f162",
     709                "reference": "d71128c702c180ca3b27c761b6773f883394f162",
    710710                "shasum": ""
    711711            },
     
    787787                }
    788788            ],
    789             "time": "2025-11-11T00:17:56+00:00"
     789            "time": "2025-11-17T12:58:33+00:00"
    790790        },
    791791        {

  • pluginpass-pro-plugintheme-licensing/trunk/constants.php

    r3397102 r3397751  
    1212if ( ! defined( NS . 'PLUGIN_VERSION' ) ) {
    1313    // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.VariableConstantNameFound -- Constants are namespace-prefixed via NS
    14     define( NS . 'PLUGIN_VERSION', '0.10.1' );
     14    define( NS . 'PLUGIN_VERSION', '0.10.2' );
    1515}
    1616

  • pluginpass-pro-plugintheme-licensing/trunk/inc/libraries/autoloader.php

    r3397102 r3397751  
    2424
    2525        // If the specified $class_name does not include our namespace, duck out.
    26         if ( false === strpos( $class_name, 'PluginPass' ) ) {
     26        if ( 0 !== strpos( $class_name, 'PluginPass\\' ) ) {
    2727                return;
    2828        }
     
    3030        // Skip the main PluginPass class as it's defined in the main plugin file.
    3131        if ( 'PluginPass\\PluginPass' === $class_name ) {
     32            return;
     33        }
     34
     35        // Security: Prevent directory traversal attacks.
     36        if ( strpos( $class_name, '..' ) !== false || strpos( $class_name, "\0" ) !== false ) {
    3237            return;
    3338        }
     
    7075
    7176        // Now build a path to the file using mapping to the file location.
    72         $filepath  = trailingslashit( untrailingslashit( plugin_dir_path( dirname( __DIR__ ) ) ) . $namespace );
     77        $base_dir  = plugin_dir_path( dirname( __DIR__ ) );
     78        $filepath  = trailingslashit( untrailingslashit( $base_dir ) . $namespace );
    7379        $filepath .= $file_name;
    7480
    75         // If the file exists in the specified path, then include it.
    76         if ( file_exists( $filepath ) ) {
    77                 include_once $filepath;
     81        // Security: Validate the resolved file path is within the plugin directory.
     82        $real_base = realpath( $base_dir );
     83        $real_file = realpath( $filepath );
     84
     85        // If the file exists and is within our plugin directory, include it.
     86        if ( $real_file && $real_base && 0 === strpos( $real_file, $real_base ) && file_exists( $real_file ) ) {
     87                include_once $real_file;
    7888        } else {
    7989            wp_die(

  • pluginpass-pro-plugintheme-licensing/trunk/pluginpass.php

    r3397102 r3397751  
    1616 * Plugin URI:        https://wordpress.org/plugins/pluginpass-pro-plugintheme-licensing/
    1717 * Description:       Easily control the use and monetize your WordPress plugins and themes using PluginPass - a WordPress License Manager backed by Labs64 NetLicensing.
    18  * Version:           0.10.1
     18 * Version:           0.10.2
    1919 * Author:            Labs64
    2020 * Author URI:        https://netlicensing.io

  • pluginpass-pro-plugintheme-licensing/trunk/vendor/composer/installed.php

    r3397102 r3397751  
    22    'root' => array(
    33        'name' => 'labs64/pluginpass',
    4         'pretty_version' => '0.10.1',
    5         'version' => '0.10.1.0',
    6         'reference' => 'bc2e8bc49550b1471fb852b6a7fc75cfc246ecc2',
     4        'pretty_version' => '0.10.2',
     5        'version' => '0.10.2.0',
     6        'reference' => 'c7f4f887574b5710986b84daefa5c5a8df8d1c1e',
    77        'type' => 'wordpress-plugin',
    88        'install_path' => __DIR__ . '/../../',
     
    3030        ),
    3131        'labs64/pluginpass' => array(
    32             'pretty_version' => '0.10.1',
    33             'version' => '0.10.1.0',
    34             'reference' => 'bc2e8bc49550b1471fb852b6a7fc75cfc246ecc2',
     32            'pretty_version' => '0.10.2',
     33            'version' => '0.10.2.0',
     34            'reference' => 'c7f4f887574b5710986b84daefa5c5a8df8d1c1e',
    3535            'type' => 'wordpress-plugin',
    3636            'install_path' => __DIR__ . '/../../',
Note: See TracChangeset for help on using the changeset viewer.