WordPress.org
Get WordPress

Plugin Directory

Changeset 3039704


Ignore:
Timestamp:
02/22/2024 12:41:20 PM (2 years ago)
Author:
pwps
Message:

Release version 3.2.9.1

Location:
wp-crm-system/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • wp-crm-system/trunk/includes/wcs-fields.php

    r2957846 r3039704  
    345345    if ( isset( $_POST['_wpcrm_' . 'contact-first-name'] ) && $_POST['_wpcrm_' . 'contact-first-name'] != '' && isset( $_POST['_wpcrm_' . 'contact-last-name'] ) && $_POST['_wpcrm_' . 'contact-last-name'] != '' ) {
    346346        global $wpdb;
    347         $first = $_POST['_wpcrm_' . 'contact-first-name'];
    348         $last = $_POST['_wpcrm_' . 'contact-last-name'];
     347        $first = sanitize_text_field( $_POST['_wpcrm_' . 'contact-first-name'] );
     348        $last = sanitize_text_field( $_POST['_wpcrm_' . 'contact-last-name'] );
    349349        $title = $first . ' ' . $last;
    350350        $where = array( 'ID' => $post_id );

  • wp-crm-system/trunk/includes/wcs-updates.php

    r2082833 r3039704  
    5050        if ( empty($first) && empty($last) && '' != $title ){
    5151            global $wpdb;
    52             $wpdb->insert( $wpdb->postmeta, array('post_id' => $contact_id, 'meta_key' => '_wpcrm_contact-first-name', 'meta_value' => $title ) );
     52            $wpdb->insert( $wpdb->postmeta, array('post_id' => $contact_id, 'meta_key' => '_wpcrm_contact-first-name', 'meta_value' => sanitize_text_field( $title ) ) );
    5353        }
    5454    endwhile;

  • wp-crm-system/trunk/readme.txt

    r3020300 r3039704  
    55Requires PHP: 7.4
    66Tested up to: 6.4.2
    7 Stable tag: 3.2.9
     7Stable tag: 3.2.9.1
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    9191
    9292== Changelog ==
     93= 3.2.9.1 =
     94* Fix: Vulnerability on Contact
    9395= 3.2.9 =
    9496* Fix: PHP Fatal and warnings when generating reports

  • wp-crm-system/trunk/wp-crm-system.php

    r3020300 r3039704  
    44Plugin URI: https://www.wp-crm.com
    55Description: A complete CRM for WordPress
    6 Version: 3.2.9
     6Version: 3.2.9.1
    77Author: Premium WordPress Support
    88Author URI: https://www.wp-crm.com
     
    3535}
    3636if ( ! defined( 'WP_CRM_SYSTEM_VERSION' ) ) {
    37   define( 'WP_CRM_SYSTEM_VERSION', '3.2.9' );
     37  define( 'WP_CRM_SYSTEM_VERSION', '3.2.9.1' );
    3838}
    3939if( ! defined( 'WP_CRM_SYSTEM_URL' ) ) {
Note: See TracChangeset for help on using the changeset viewer.