Changeset 3034585


Timestamp:
02/12/2024 12:58:08 PM (2 years ago)
Author:
arapps92
Message:

Version 1.3.2

Location:
dashboard-to-do-list/trunk
Files:
3 edited

  • dashboard-to-do-list/trunk/admin/todo-widget.php

    r3030188 r3034585  
    1313if ( !function_exists( 'ardtdw_widgetupdate' ) ) {
    1414    function ardtdw_widgetupdate(){
    15         if ( 'POST' == $_SERVER['REQUEST_METHOD'] ) {
    16             if( isset($_POST['ardtdw-save']) || wp_verify_nonce( $_POST['ardtdw_confirm'], 'ardtdw_update_list' ) ) {
    17                 if(isset($_POST['ardtdw-textarea'])) {
     15        if(isset($_POST['ardtdw-save'])) {
     16        if(isset($_POST['ardtdw_confirm']) && wp_verify_nonce( $_POST['ardtdw_confirm'], 'ardtdw_update_list')) {
     17
     18     if(isset($_POST['ardtdw-textarea'])) {
    1819                    update_option(
    1920                        'ardtdw-textarea',
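Review bot: On new line 16, `$_POST['ardtdw_confirm']` goes into `wp_verify_nonce()` straight from the request; pass it as `sanitize_text_field( wp_unslash( $_POST['ardtdw_confirm'] ) )` to follow WordPress input-handling conventions. Nesting the nonce check under the `ardtdw-save` check is the right correction, because the old `||` condition accepted any request that carried `ardtdw-save` whether or not the nonce was valid. No capability check is visible in these lines, so confirm that one runs before `update_option()` is reached. New lines 17 and 18 also need their indentation aligned with the surrounding block.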
     
    7576                <?php }
    7677            }
     78        } else {
     79            print 'Sorry, your nonce did not verify.';
     80        exit;
    7781        }
    7882    }
     83
    7984}
    8085}
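Review bot: The failure branch on new lines 78 to 80 ends the request with `print` and a bare `exit;`, which leaves the status code untouched and emits an untranslated string; `wp_die( esc_html__( 'Sorry, your nonce did not verify.', 'dashboard-to-do-list' ), 403 )` would return a proper error page and reuse the text domain already used for the Save button. The `if` statements on new lines 15 and 16 open at the same indentation, so check that this `else` pairs with the nonce test and not with the `ardtdw-save` test, and indent `exit;` to match the `print` above it.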
     
    109114                </p>
    110115            <?php } ?>
     116            <?php wp_nonce_field( 'ardtdw_update_list', 'ardtdw_confirm' ); ?>
    111117            <input type='submit' value='<?php _e( 'Save','dashboard-to-do-list'); ?>' class='button-primary' name='ardtdw-save'>
    112             <?php wp_nonce_field( 'ardtdw_update_list', 'ardtdw_confirm' ); ?>
    113118        </form>
    114119        <?php
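Review bot: Moving `wp_nonce_field( 'ardtdw_update_list', 'ardtdw_confirm' )` from after the submit button to before it (new line 116) does not change what the form submits, since the hidden field is sent from either position inside the `<form>`. Consider dropping this reorder so the security fix stays limited to the server-side check.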
  • dashboard-to-do-list/trunk/readme.txt

    r3030207 r3034585  
    66Tested up to: 6.4
    77Requires PHP: 5.6
    8 Stable version: 1.3.1
     8Stable version: 1.3.2
    99License: GPLv2 or later
    1010License URI: http://www.gnu.org/licenses/gpl-2.0.html
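Review bot: The header on new line 8 is written `Stable version:`, but the WordPress.org readme header for this value is `Stable tag:`. Rename it while the line is being touched so the directory picks up 1.3.2 as the intended release.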
     
    5555If your question is not answered here, please create a new topic in the [WordPress support forum](https://wordpress.org/support/plugin/dashboard-to-do-list/).
    5656
    57 = Where do I report security bugs? =
     57== Changelog ==
     58= 1.3.2 =
     59* Patched reported Cross Site Request Forgery (CSRF) vulnerability when saving the dashboard widget.
    5860
    59 You can report security bugs through the Patchstack Vulnerability Disclosure Program. The Patchstack team help validate, triage and handle any security vulnerabilities. [Report a security vulnerability.](https://patchstack.com/database/vdp/dashboard-to-do-list)
    60 
    61 
    62 == Changelog ==
    6361= 1.3.1 =
    6462* Fixed capabilities bug when saving the widget if switching between user roles (thanks to chrslcy).
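Review bot: Old lines 57 to 61 held the "Where do I report security bugs?" FAQ entry with the Patchstack disclosure link, and the commit that patches a reported CSRF issue deletes it, leaving the readme with no security contact. Keep that entry under the FAQ and add the `== Changelog ==` heading and the 1.3.2 entry below it. The 1.3.2 line could also name the affected versions so users can tell whether they need the update.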
  • dashboard-to-do-list/trunk/tdlw.php

    r3030188 r3034585  
    33    Plugin Name: Dashboard To-Do List
    44    Description: Dashboard To-Do list widget with option to show as a floating list on your website.
    5     Version: 1.3.1
     5    Version: 1.3.2
    66    Author: Andrew Rapps
    77    Author URI: https://arwebdesign.co.uk