WordPress.org
Get WordPress

Plugin Directory

Changeset 3423917


Ignore:
Timestamp:
12/19/2025 06:09:21 PM (3 months ago)
Author:
etruel
Message:

Fully compatible with WP 6.9 and Security Fixes!

Location:
wpecounter
Files:
40 added
3 edited

Legend:

Unmodified
Added
Removed

  • wpecounter/trunk/includes/settings.php

    r3401115 r3423917  
    7878        public function register_settings() {
    7979
     80            // Security: only admins
     81            if ( ! is_admin() || ! current_user_can( 'manage_options' ) ) {
     82                return;
     83            }
    8084            // no options - create them.
    8185            if (false == get_option($this->options_key)) {
     
    205209*/
    206210            // Handle reset counters action
    207             if (isset($_POST['reset_counters_btn'])) {
     211            if (isset($_POST['reset_counters_btn']) &&  check_admin_referer('wpecounter_reset_counters', 'wpecounter_reset_nonce') ) { 
    208212                global $wpdb;
    209213                if (!isset($WPeCounterViews)) {
     
    299303                                <div class="inside">
    300304                                    <h3><span class="dashicons dashicons-sos"></span><?php _e('Danger Area', 'wpecounter'); ?></h3>
     305                                    <?php wp_nonce_field( 'wpecounter_reset_counters', 'wpecounter_reset_nonce' ); ?>
    301306                                    <hr />
    302307                                    <?php

  • wpecounter/trunk/readme.txt

    r3401115 r3423917  
    44Tags: post views, views counter, popular posts, ajax counter, analytics
    55Requires at least: 3.1
    6 Tested up to: 6.8.2
    7 Requires PHP: 5.6
    8 Stable tag: 2.1.2
     6Tested up to: 6.9
     7Requires PHP: 7.0
     8Stable tag: 2.1.3
    99License: GPLv2
    1010
     
    5555
    5656== Changelog ==
     57
     58= 2.1.3 – Dec 19, 2025 =
     59* Security: Improved access control and request validation in admin settings.
     60* Added proper capability checks to restrict sensitive actions to administrators only.
     61* Added nonce verification to protect destructive actions against unauthorized requests.
     62* General hardening of admin-side logic.
    5763
    5864= 2.1.2 – Nov 19, 2025 =
     
    120126
    121127== Upgrade Notice ==
    122 Fully compatible with WP 6.8.2. Fixed PHP Warnings displayed in DEBUG mode
     128Fully compatible with WP 6.9 and Security Fixes!

  • wpecounter/trunk/wpecounter.php

    r3401115 r3423917  
    44 * Plugin URI:   https://etruel.com/downloads/wpecounter
    55 * Description:  Counts visits on post lists, pages and/or custom post types. It also displays them in posts, pages or text widget content, shortcode [WPeCounter].
    6  * Version:      2.1.2
     6 * Version:      2.1.3
    77 * Author:       Etruel Developments LLC
    88 * Author URI:   https://etruel.com
     
    1515// Plugin version
    1616if (!defined('WPECOUNTER_VERSION'))
    17     define('WPECOUNTER_VERSION', '2.1.2');
     17    define('WPECOUNTER_VERSION', '2.1.3');
    1818
    1919if (!class_exists('WPeCounter')) :
Note: See TracChangeset for help on using the changeset viewer.