Changeset 2879914
- Timestamp:
- 03/14/2023 03:33:17 PM (3 years ago)
- Location:
- modern-footnotes
- Files:
-
- 16 added
- 2 edited
-
tags/1.4.16 (added)
-
tags/1.4.16/license.txt (added)
-
tags/1.4.16/mce-button.png (added)
-
tags/1.4.16/modern-footnotes.block-editor.js (added)
-
tags/1.4.16/modern-footnotes.block-editor.min.js (added)
-
tags/1.4.16/modern-footnotes.js (added)
-
tags/1.4.16/modern-footnotes.mce-button.js (added)
-
tags/1.4.16/modern-footnotes.mce-button.min.js (added)
-
tags/1.4.16/modern-footnotes.min.js (added)
-
tags/1.4.16/modern-footnotes.php (added)
-
tags/1.4.16/readme.txt (added)
-
tags/1.4.16/styles.block-editor-button.min.css (added)
-
tags/1.4.16/styles.css (added)
-
tags/1.4.16/styles.mce-button.css (added)
-
tags/1.4.16/styles.mce-button.min.css (added)
-
tags/1.4.16/styles.min.css (added)
-
trunk/modern-footnotes.php (modified) (6 diffs)
-
trunk/readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
modern-footnotes/trunk/modern-footnotes.php
r2867112 r2879914 5 5 Text Domain: modern-footnotes 6 6 Description: Add inline footnotes to your post via the footnote icon on the toolbar for editing posts and pages. Or, use the [mfn] or [modern_footnote] shortcodes [mfn]like this[/mfn]. 7 Version: 1.4.1 57 Version: 1.4.16 8 8 Author: Prism Tech Studios 9 9 Author URI: http://prismtechstudios.com/ … … 15 15 defined( 'ABSPATH' ) or die( 'No script kiddies please!' ); 16 16 17 $modern_footnotes_version = '1.4.1 5';17 $modern_footnotes_version = '1.4.16'; 18 18 19 19 $modern_footnotes_options = get_option('modern_footnotes_settings'); … … 588 588 esc_html__($property_label, 'modern-footnotes') . 589 589 '</label>'; 590 $html = sprintf($html, $property_name, isset($modern_footnotes_options[$property_name]) ? $modern_footnotes_options[$property_name]: '');590 $html = sprintf($html, $property_name, isset($modern_footnotes_options[$property_name]) ? esc_attr($modern_footnotes_options[$property_name]) : ''); 591 591 592 592 echo $html; … … 609 609 foreach ($options as $key => $value) { 610 610 $option_html = '<option value="%s" %s>%s</option>'; 611 $html .= sprintf($option_html, $key, $selected_value == $key ? 'selected' : '', $value);611 $html .= sprintf($option_html, esc_attr($key), $selected_value == $key ? 'selected' : '', esc_html($value)); 612 612 } 613 613 $html .= '</select>'; … … 634 634 foreach ($options as $key => $value) { 635 635 $option_html = '<option value="%s" %s>%s</option>'; 636 $html .= sprintf($option_html, $key, $selected_value == $key ? 'selected' : '', $value);636 $html .= sprintf($option_html, esc_attr($key), $selected_value == $key ? 'selected' : '', esc_html($value)); 637 637 } 638 638 $html .= '</select>'; … … 649 649 global $modern_footnotes_options; 650 650 651 $html = '<textarea id="modern_footnotes_custom_css" name="modern_footnotes_settings[modern_footnotes_custom_css]" style="max-width:100%;width:400px;height:200px">' . (isset($modern_footnotes_options['modern_footnotes_custom_css']) ? $modern_footnotes_options['modern_footnotes_custom_css']: '') . '</textarea>';651 $html = '<textarea id="modern_footnotes_custom_css" name="modern_footnotes_settings[modern_footnotes_custom_css]" style="max-width:100%;width:400px;height:200px">' . (isset($modern_footnotes_options['modern_footnotes_custom_css']) ? esc_textarea($modern_footnotes_options['modern_footnotes_custom_css']) : '') . '</textarea>'; 652 652 $html .= '<label for="modern_footnotes_custom_css">' . 653 653 esc_html__('Enter any custom CSS for the plugin, without any <style> tags.', 'modern-footnotes') . -
modern-footnotes/trunk/readme.txt
r2867112 r2879914 4 4 Requires at least: 4.6 5 5 Tested up to: 6.1.1 6 Stable tag: 1.4.1 56 Stable tag: 1.4.16 7 7 License: GNU General Public License v2 8 8 License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html … … 84 84 == Changelog == 85 85 86 = 1.4.16 = 87 * Security fix for XSS issue. Thanks to Rio Darmawan for identifying the issue. 88 86 89 = 1.4.15 = 87 90 * Fix for duplicate HTML ids
Note: See TracChangeset
for help on using the changeset viewer.