WordPress.org
Get WordPress

Plugin Directory

Changeset 2531309


Ignore:
Timestamp:
05/13/2021 04:57:52 PM (5 years ago)
Author:
RPG84
Message:
  • Fixed issue with potential SQL injection
Location:
tradetracker-store
Files:
71 added
3 edited

Legend:

Unmodified
Added
Removed

  • tradetracker-store/trunk/Tradetracker-Store.php

    r2438481 r2531309  
    33* Plugin Name: Tradetracker-Store
    44* Plugin URI: https://wpaffiliatefeed.com
    5 * Version: 4.6.55
     5* Version: 4.6.56
    66* Description: A Plugin that will add a TradeTracker affiliate feed to your site with several options to choose from.
    77* Author: Robert Braam

  • tradetracker-store/trunk/menu/xmlfeed.php

    r1455530 r2531309  
    2626        global $folderhome;
    2727        $error = "";
    28         $xmlfeed=$wpdb->get_row("SELECT xmlfeed, xmlname, xmlprovider, id FROM ".$ttstorexmltable." where id=".$_GET['test']." order by xmlname");
     28        $menuid = $_GET['test'];
     29        $query = $wpdb->prepare("SELECT xmlfeed, xmlname, xmlprovider, id FROM $ttstorexmltable where id=%s order by xmlname", $menuid);
     30        $xmlfeed=$wpdb->get_row($query);
    2931        $xmlfile = $xmlfeed->xmlfeed;
    3032        if (get_option('Tradetracker_importtool')=="1"){

  • tradetracker-store/trunk/readme.txt

    r2438481 r2531309  
    55Requires at least: 4
    66Tested up to: 5.6
    7 Stable tag: 4.6.55
     7Stable tag: 4.6.56
    88
    99A plugin that lets you import an XML productfeed from TradeTracker.
     
    4242
    4343== Changelog ==
     44= 4.6.56 =
     45- Fixed issue with potential SQL injection
     46
    4447= 4.6.55 =
    4548- Fixed issue with importer causing issues in WP 5.6
Note: See TracChangeset for help on using the changeset viewer.