Changeset 3077508
- Timestamp:
- 04/26/2024 09:56:57 AM (2 years ago)
- Location:
- wpperformancetester/trunk
- Files:
-
- 3 edited
-
README.md (modified) (1 diff)
-
WPPerformanceTester_Plugin.php (modified) (2 diffs)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
wpperformancetester/trunk/README.md
r2665429 r3077508 44 44 Changelog 45 45 ------------- 46 ** 2.0.1 ** 47 48 (April 23, 2024) Minor security update. 49 50 Patched CVE-2023-49844. This vulnerability allowed a CSRF which could have let an attacker make an admin to run benchmark unknowingly. 51 46 52 ** 2.0.0 ** 47 53 -
wpperformancetester/trunk/WPPerformanceTester_Plugin.php
r2665429 r3077508 15 15 $performTest = false; 16 16 if ( !empty( $_POST['performTest'] ) && ( $_POST['performTest'] == true ) ) { 17 $performTest=true; 17 //verify nonce 18 if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ '_wpnonce' ] ) ) ) ) { 19 wp_die( 'Invalid Request. Reload to try again.' ); 20 }else{ 21 $performTest=true; 22 } 18 23 } 19 24 ?> … … 24 29 <form method="post" action="<?php echo esc_url( admin_url('tools.php?page=WPPerformanceTester_PluginSettings') ); ?>"> 25 30 <input type="hidden" name="performTest" value="true"> 31 <?php wp_nonce_field(); ?> 26 32 <input type="submit" value="Begin Performance Test" onclick="this.value='This may take a minute...'"> 27 33 </form> -
wpperformancetester/trunk/readme.txt
r2665429 r3077508 3 3 Tags: performance, admin, benchmark 4 4 Requires at least: 3.5 5 Tested up to: 5.96 Stable tag: 2.0. 05 Tested up to: 6.5.2 6 Stable tag: 2.0.1 7 7 License: GPLv3 8 8 License URI: http://www.gnu.org/licenses/gpl-3.0.html … … 30 30 31 31 == Changelog == 32 33 = 2.0.1 = 34 35 (April 23, 2024) Minor security update. 36 37 Patched CVE-2023-49844. This vulnerability allowed a CSRF which could have let an attacker make an admin to run benchmark unknowingly. 38 32 39 = 2.0.0 = 33 40
Note: See TracChangeset
for help on using the changeset viewer.