
Changeset 2854837


Timestamp:
01/26/2023 12:44:22 AM (3 years ago)
Author:
Bluenotes
Message:

Security: Added output escaping to shortcode attributes.

Location:
bne-testimonials
Files:
238 added
3 edited

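--- a/bne-testimonials/trunk/bne-testimonials.php
+++ b/bne-testimonials/trunk/bne-testimonials.php
@@ -2,5 +2,5 @@
 /*
  * Plugin Name: BNE Testimonials
- * Version: 2.0.7
+ * Version: 2.0.8
  * Description: Display testimonials on any page or widget area as list or slider. Upgrade to PRO for additional layouts, themes, API, 5-star ratings and schema markup.
  * Author: Kerry Kline
@@ -10,19 +10,19 @@
  * License: GPL2
 
-    Copyright (C) 2013-2020 BNE Creative
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License version 2,
-    as published by the Free Software Foundation.
-
-    You may NOT assume that you can use any other version of the GPL.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    The license for this software can likely be found here:
-    http://www.gnu.org/licenses/gpl-2.0.html
+    Copyright (C) 2013-2020 BNE Creative
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License version 2,
+    as published by the Free Software Foundation.
+
+    You may NOT assume that you can use any other version of the GPL.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    The license for this software can likely be found here:
+    http://www.gnu.org/licenses/gpl-2.0.html
 
 */
@@ -37,14 +37,14 @@
 
    
-    /*
-    *  Constructor
-    *
-    *  @since      v2.0
-    *
-    */
+    /*
+    *  Constructor
+    *
+    *  @since      v2.0
+    *
+    */
     function __construct() {
        
         // Set Constants
-        define( 'BNE_TESTIMONIALS_VERSION', '2.0.7' );
+        define( 'BNE_TESTIMONIALS_VERSION', '2.0.8' );
         define( 'BNE_TESTIMONIALS_DIR', dirname( __FILE__ ) );
         define( 'BNE_TESTIMONIALS_URI', plugins_url( '', __FILE__ ) );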
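--- a/bne-testimonials/trunk/includes/shortcode-display.php
+++ b/bne-testimonials/trunk/includes/shortcode-display.php
@@ -39,5 +39,5 @@
  * 
  *  @since      v2.0
- *  @updated    v2.0.7
+ *  @updated    v2.0.8
  *
 */
@@ -102,5 +102,9 @@
 
     ), $atts, 'bne_testimonials' );
-
+   
+    // Sanitize user inputs
+    foreach( $atts as $index => $att ) {
+        $atts[$index] = esc_attr($att);
+    }   
 
 
@@ -109,10 +113,10 @@
     if( $atts['category'] ) {
         $taxonomy_args = array(
-            array(
-                'taxonomy'  =>  'bne-testimonials-taxonomy',
-                'field'     =>  'slug',
-                'terms'     =>  explode( ',', esc_html( $atts['category'] ) )
-            )
-        );
+            array(
+                'taxonomy'  =>  'bne-testimonials-taxonomy',
+                'field'     =>  'slug',
+                'terms'     =>  explode( ',', esc_html( $atts['category'] ) )
+            )
+        );
     }
    
@@ -129,5 +133,5 @@
        
         // Taxonomy Query
-        'tax_query'         =>  $taxonomy_args
+        'tax_query'         =>  $taxonomy_args
     );
    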
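Review bot: The new loop at lines 106–108 runs `esc_attr()` over every attribute right after `shortcode_atts()` under the comment "Sanitize user inputs", but `esc_attr()` is an output-escaping helper for the HTML-attribute context, so it is only correct for sinks that print the value inside a quoted attribute. Where the values end up is outside these hunks (the shortcode function starts and ends beyond them), so any attribute that reaches a different context, such as inline script or a URL, would still need its own escaping there (`esc_js()`/`wp_json_encode()`, `esc_url()`). I would validate by type at this point instead, for example `absint()` for numeric options and `array_map( 'sanitize_title', explode( ',', $atts['category'] ) )` for the slug list at line 118, and escape at each echo. If the loop stays, the comment should say what it does: `// Escape all shortcode attributes for HTML attribute context; other output contexts must escape separately.`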
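--- a/bne-testimonials/trunk/readme.txt
+++ b/bne-testimonials/trunk/readme.txt
@@ -92,4 +92,8 @@
 == Changelog ==
 
+= 2.0.8 January 25, 2023
+* Security: Added output escaping to shortcode attributes.
+
+
 = 2.0.7 December 16, 2020
 * Inline JS adjustment for the slider when using jQuery 3.5+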