WordPress.org
Get WordPress

Plugin Directory

Changeset 2083730


Ignore:
Timestamp:
05/08/2019 03:11:41 PM (7 years ago)
Author:
mgibbs189
Message:

CFS 2.5.15

Location:
custom-field-suite/trunk
Files:
5 edited

Legend:

Unmodified
Added
Removed

  • custom-field-suite/trunk/assets/js/fields.js

    r1581223 r2083730  
    102102
    103103            // browser autofill support
    104             $(this).closest('.field').find('.field_meta .field_label a').html(val);
     104            $(this).closest('.field').find('.field_meta .field_label a').text(val);
    105105
    106106            var name = $(this).closest('tr').find('.field_name input');
     
    118118            var $this = $(this);
    119119            setTimeout(function() {
    120                 $this.closest('.field').find('.field_meta .field_label a').html($this.val());
     120                $this.closest('.field').find('.field_meta .field_label a').text($this.val());
    121121            }, 1);
    122122        });
     
    124124        $(document).on('keyup', '.field_form .field_name input', function() {
    125125            var val = jQuery(this).val();
    126             $(this).closest('.field').find('.field_meta .field_name').html(val);
     126            $(this).closest('.field').find('.field_meta .field_name').text(val);
    127127        });
    128128    });

  • custom-field-suite/trunk/cfs.php

    r2062232 r2083730  
    44Plugin URI: http://customfieldsuite.com/
    55Description: Visually add custom fields to your WordPress edit pages.
    6 Version: 2.5.14
     6Version: 2.5.15
    77Author: Matt Gibbs
    88Text Domain: cfs
     
    2323
    2424        // setup variables
    25         define( 'CFS_VERSION', '2.5.14' );
     25        define( 'CFS_VERSION', '2.5.15' );
    2626        define( 'CFS_DIR', dirname( __FILE__ ) );
    2727        define( 'CFS_URL', plugins_url( '', __FILE__ ) );

  • custom-field-suite/trunk/includes/form.php

    r1701908 r2083730  
    392392
    393393            <?php if ( ! empty( $field->label ) ) : ?>
    394             <label><?php echo $field->label; ?></label>
     394            <label><?php echo esc_html( $field->label ); ?></label>
    395395            <?php endif; ?>
    396396
    397397            <?php if ( ! empty( $field->notes ) ) : ?>
    398             <p class="notes"><?php echo $field->notes; ?></p>
     398            <p class="notes"><?php echo esc_html( $field->notes ); ?></p>
    399399            <?php endif; ?>
    400400

  • custom-field-suite/trunk/readme.txt

    r2062232 r2083730  
    33Tags: custom fields, fields, postmeta, relationship, repeater, file upload
    44Requires at least: 4.9
    5 Tested up to: 5.1.1
     5Tested up to: 5.2
    66Stable tag: trunk
    77License: GPLv2
     
    4747== Changelog ==
    4848
     49= 2.5.15 =
     50* Fix: prevent possible XSS for logged-in editors or admins (props reddy.io)
     51
    4952= 2.5.14 =
    5053* Fix: PHP notice introduced in 2.5.13

  • custom-field-suite/trunk/templates/field_html.php

    r1701908 r2083730  
    77                </td>
    88                <td class="field_label">
    9                     <a class="cfs_edit_field row-title"><?php echo $field->label; ?></a>
     9                    <a class="cfs_edit_field row-title"><?php echo esc_html( $field->label ); ?></a>
    1010                </td>
    1111                <td class="field_name">
    12                     <?php echo $field->name; ?>
     12                    <?php echo esc_html( $field->name ); ?>
    1313                </td>
    1414                <td class="field_type">
    15                     <a class="cfs_edit_field"><?php echo $field->type; ?></a>
     15                    <a class="cfs_edit_field"><?php echo esc_html( $field->type ); ?></a>
    1616                </td>
    1717            </tr>
Note: See TracChangeset for help on using the changeset viewer.