Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3203679

Timestamp:

12/06/2024 02:20:25 PM (15 months ago)

Author:

hookandhook

Message:

3.2.22 | Fix vulnerability (user meta)

Location:

wp-courses

Files:

: 230 added
: 3 edited

tags/3.2.22 (added)
tags/3.2.22/README.md (added)
tags/3.2.22/admin (added)
tags/3.2.22/admin/admin-menu.php (added)
tags/3.2.22/admin/admin-nav-menu.php (added)
tags/3.2.22/admin/charts (added)
tags/3.2.22/admin/charts/chart-most-active-users.php (added)
tags/3.2.22/admin/charts/chart-popular-courses.php (added)
tags/3.2.22/admin/charts/chart-tracking-data.php (added)
tags/3.2.22/admin/columns.php (added)
tags/3.2.22/admin/course-meta.php (added)
tags/3.2.22/admin/dashboard.php (added)
tags/3.2.22/admin/front-end-editor.php (added)
tags/3.2.22/admin/lesson-meta.php (added)
tags/3.2.22/admin/quiz-meta.php (added)
tags/3.2.22/admin/requirements-meta.php (added)
tags/3.2.22/admin/templates (added)
tags/3.2.22/admin/templates/help.php (added)
tags/3.2.22/admin/templates/order-courses.php (added)
tags/3.2.22/admin/templates/order-lessons.php (added)
tags/3.2.22/admin/templates/premium-badges.php (added)
tags/3.2.22/admin/templates/premium-certificates.php (added)
tags/3.2.22/admin/templates/premium-emails.php (added)
tags/3.2.22/admin/templates/shortcode_note.php (added)
tags/3.2.22/admin/templates/single-student.php (added)
tags/3.2.22/admin/widgets.php (added)
tags/3.2.22/admin/wpc-admin-student-table.php (added)
tags/3.2.22/admin/wpc-options.php (added)
tags/3.2.22/ajax (added)
tags/3.2.22/ajax/ajax-course-change.php (added)
tags/3.2.22/ajax/ajax-course-order.php (added)
tags/3.2.22/ajax/ajax-lesson-change-restriction.php (added)
tags/3.2.22/ajax/ajax-lesson-order.php (added)
tags/3.2.22/ajax/ajax-survey.php (added)
tags/3.2.22/ajax/ajax-user-meta.php (added)
tags/3.2.22/ajax/ajax.php (added)
tags/3.2.22/classes (added)
tags/3.2.22/classes/WPCQ_Ajax.php (added)
tags/3.2.22/classes/WPC_Ajax.php (added)
tags/3.2.22/classes/WPC_Ajax_Components.php (added)
tags/3.2.22/classes/WPC_Shortcodes.php (added)
tags/3.2.22/cron (added)
tags/3.2.22/cron/cron.php (added)
tags/3.2.22/css (added)
tags/3.2.22/css/DataTables-1.11.2 (added)
tags/3.2.22/css/DataTables-1.11.2/images (added)
tags/3.2.22/css/DataTables-1.11.2/images/sort_asc.png (added)
tags/3.2.22/css/DataTables-1.11.2/images/sort_asc_disabled.png (added)
tags/3.2.22/css/DataTables-1.11.2/images/sort_both.png (added)
tags/3.2.22/css/DataTables-1.11.2/images/sort_desc.png (added)
tags/3.2.22/css/DataTables-1.11.2/images/sort_desc_disabled.png (added)
tags/3.2.22/css/font-awesome.min.css (added)
tags/3.2.22/css/images (added)
tags/3.2.22/css/images/bx_loader.gif (added)
tags/3.2.22/css/images/controls.png (added)
tags/3.2.22/css/jquery.bxslider.css (added)
tags/3.2.22/css/select2.min.css (added)
tags/3.2.22/css/spectrum.min.css (added)
tags/3.2.22/css/spinners.css (added)
tags/3.2.22/css/style.css (added)
tags/3.2.22/db (added)
tags/3.2.22/db/db-tables.php (added)
tags/3.2.22/debug.log (added)
tags/3.2.22/fonts (added)
tags/3.2.22/fonts/FontAwesome.otf (added)
tags/3.2.22/fonts/fontawesome-webfont.eot (added)
tags/3.2.22/fonts/fontawesome-webfont.svg (added)
tags/3.2.22/fonts/fontawesome-webfont.ttf (added)
tags/3.2.22/fonts/fontawesome-webfont.woff (added)
tags/3.2.22/fonts/fontawesome-webfont.woff2 (added)
tags/3.2.22/functions (added)
tags/3.2.22/functions/connections.php (added)
tags/3.2.22/functions/functions.php (added)
tags/3.2.22/functions/output.php (added)
tags/3.2.22/functions/quizzes.php (added)
tags/3.2.22/functions/render-ajax-components.php (added)
tags/3.2.22/functions/requirements.php (added)
tags/3.2.22/functions/security.php (added)
tags/3.2.22/functions/tracking.php (added)
tags/3.2.22/images (added)
tags/3.2.22/images/arrow-down.png (added)
tags/3.2.22/images/arrow-up.png (added)
tags/3.2.22/images/lesson-course.png (added)
tags/3.2.22/images/premium-badge.jpg (added)
tags/3.2.22/images/premium-certificates.jpg (added)
tags/3.2.22/images/premium-email-2.jpg (added)
tags/3.2.22/images/premium-email.jpg (added)
tags/3.2.22/images/premium.png (added)
tags/3.2.22/images/shortcode.png (added)
tags/3.2.22/images/waving-hand.svg (added)
tags/3.2.22/images/wpc-icon-sm-white.png (added)
tags/3.2.22/images/wpc-logo-sm.png (added)
tags/3.2.22/init (added)
tags/3.2.22/init/cp-types.php (added)
tags/3.2.22/init/enqueue.php (added)
tags/3.2.22/init/style-options.php (added)
tags/3.2.22/init/taxonomies.php (added)
tags/3.2.22/init/templates.php (added)
tags/3.2.22/integrations (added)
tags/3.2.22/integrations/pmpro.php (added)
tags/3.2.22/integrations/woo.php (added)
tags/3.2.22/js (added)
tags/3.2.22/js/attachments.js (added)
tags/3.2.22/js/certificates.js (added)
tags/3.2.22/js/chartjs (added)
tags/3.2.22/js/chartjs/LICENSE.md (added)
tags/3.2.22/js/chartjs/README.md (added)
tags/3.2.22/js/chartjs/auto (added)
tags/3.2.22/js/chartjs/auto/auto.esm.d.ts (added)
tags/3.2.22/js/chartjs/auto/auto.esm.js (added)
tags/3.2.22/js/chartjs/auto/auto.js (added)
tags/3.2.22/js/chartjs/auto/package.json (added)
tags/3.2.22/js/chartjs/dist (added)
tags/3.2.22/js/chartjs/dist/chart.esm.js (added)
tags/3.2.22/js/chartjs/dist/chart.js (added)
tags/3.2.22/js/chartjs/dist/chart.min.js (added)
tags/3.2.22/js/chartjs/dist/chunks (added)
tags/3.2.22/js/chartjs/dist/chunks/helpers.segment.js (added)
tags/3.2.22/js/chartjs/dist/helpers.esm.js (added)
tags/3.2.22/js/chartjs/helpers (added)
tags/3.2.22/js/chartjs/helpers/helpers.esm.d.ts (added)
tags/3.2.22/js/chartjs/helpers/helpers.esm.js (added)
tags/3.2.22/js/chartjs/helpers/helpers.js (added)
tags/3.2.22/js/chartjs/helpers/package.json (added)
tags/3.2.22/js/chartjs/package.json (added)
tags/3.2.22/js/chartjs/types (added)
tags/3.2.22/js/chartjs/types/adapters.d.ts (added)
tags/3.2.22/js/chartjs/types/animation.d.ts (added)
tags/3.2.22/js/chartjs/types/basic.d.ts (added)
tags/3.2.22/js/chartjs/types/color.d.ts (added)
tags/3.2.22/js/chartjs/types/element.d.ts (added)
tags/3.2.22/js/chartjs/types/geometric.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.canvas.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.collection.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.color.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.core.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.curve.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.dom.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.easing.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.extras.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.interpolation.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.intl.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.math.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.options.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.rtl.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/helpers.segment.d.ts (added)
tags/3.2.22/js/chartjs/types/helpers/index.d.ts (added)
tags/3.2.22/js/chartjs/types/index.esm.d.ts (added)
tags/3.2.22/js/chartjs/types/layout.d.ts (added)
tags/3.2.22/js/chartjs/types/utils.d.ts (added)
tags/3.2.22/js/iblize.min.js (added)
tags/3.2.22/js/jquery.bxslider.min.js (added)
tags/3.2.22/js/quizzes.js (added)
tags/3.2.22/js/select2.min.js (added)
tags/3.2.22/js/spectrum (added)
tags/3.2.22/js/spectrum/LICENSE (added)
tags/3.2.22/js/spectrum/spectrum.min.js (added)
tags/3.2.22/js/ui.js (added)
tags/3.2.22/js/wpc-admin.js (added)
tags/3.2.22/js/wpc-js.js (added)
tags/3.2.22/lang (added)
tags/3.2.22/lang/wp-courses-de_DE.mo (added)
tags/3.2.22/lang/wp-courses-de_DE.po (added)
tags/3.2.22/lang/wp-courses-en_CA.mo (added)
tags/3.2.22/lang/wp-courses-en_CA.po (added)
tags/3.2.22/lang/wp-courses-en_US.mo (added)
tags/3.2.22/lang/wp-courses-en_US.po (added)
tags/3.2.22/lang/wp-courses-es_MX.mo (added)
tags/3.2.22/lang/wp-courses-es_MX.po (added)
tags/3.2.22/lang/wp-courses-fr_FR.mo (added)
tags/3.2.22/lang/wp-courses-fr_FR.po (added)
tags/3.2.22/lang/wp-courses-hi_IN.mo (added)
tags/3.2.22/lang/wp-courses-hi_IN.po (added)
tags/3.2.22/lang/wp-courses-ja.mo (added)
tags/3.2.22/lang/wp-courses-ja.po (added)
tags/3.2.22/lang/wp-courses-pa_IN.mo (added)
tags/3.2.22/lang/wp-courses-pa_IN.po (added)
tags/3.2.22/lang/wp-courses-ro_RO.mo (added)
tags/3.2.22/lang/wp-courses-ro_RO.po (added)
tags/3.2.22/lang/wp-courses-ru_RU.mo (added)
tags/3.2.22/lang/wp-courses-ru_RU.po (added)
tags/3.2.22/lang/wp-courses-zh_CN.mo (added)
tags/3.2.22/lang/wp-courses-zh_CN.po (added)
tags/3.2.22/lang/wp-courses.pot (added)
tags/3.2.22/legacy (added)
tags/3.2.22/legacy/depricated.php (added)
tags/3.2.22/legacy/update.php (added)
tags/3.2.22/less (added)
tags/3.2.22/less/animated.less (added)
tags/3.2.22/less/bordered-pulled.less (added)
tags/3.2.22/less/core.less (added)
tags/3.2.22/less/fixed-width.less (added)
tags/3.2.22/less/font-awesome.less (added)
tags/3.2.22/less/icons.less (added)
tags/3.2.22/less/larger.less (added)
tags/3.2.22/less/list.less (added)
tags/3.2.22/less/mixins.less (added)
tags/3.2.22/less/path.less (added)
tags/3.2.22/less/rotated-flipped.less (added)
tags/3.2.22/less/screen-reader.less (added)
tags/3.2.22/less/stacked.less (added)
tags/3.2.22/less/variables.less (added)
tags/3.2.22/scss (added)
tags/3.2.22/scss/_animated.scss (added)
tags/3.2.22/scss/_bordered-pulled.scss (added)
tags/3.2.22/scss/_core.scss (added)
tags/3.2.22/scss/_fixed-width.scss (added)
tags/3.2.22/scss/_icons.scss (added)
tags/3.2.22/scss/_larger.scss (added)
tags/3.2.22/scss/_list.scss (added)
tags/3.2.22/scss/_mixins.scss (added)
tags/3.2.22/scss/_path.scss (added)
tags/3.2.22/scss/_rotated-flipped.scss (added)
tags/3.2.22/scss/_screen-reader.scss (added)
tags/3.2.22/scss/_stacked.scss (added)
tags/3.2.22/scss/_variables.scss (added)
tags/3.2.22/scss/font-awesome.scss (added)
tags/3.2.22/templates (added)
tags/3.2.22/templates/archive-course.php (added)
tags/3.2.22/templates/archive-lesson.php (added)
tags/3.2.22/templates/archive-teacher.php (added)
tags/3.2.22/templates/category-course.php (added)
tags/3.2.22/templates/single-course.php (added)
tags/3.2.22/templates/single-lesson.php (added)
tags/3.2.22/templates/single-quiz.php (added)
tags/3.2.22/templates/template-parts (added)
tags/3.2.22/templates/template-parts/course-filters.php (added)
tags/3.2.22/templates/template-parts/lesson-toolbar.php (added)
tags/3.2.22/wp-courses.php (added)
trunk/README.md (modified) (2 diffs)
trunk/ajax/ajax-user-meta.php (modified) (2 diffs)
trunk/wp-courses.php (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

wp-courses/trunk/README.md

-                      r3187948
+                      r3203679
 Requires at least: 5.0
 Tested up to: 6.7
 Stable tag: 3.2.21
+Stable tag: 3.2.22
 License: GPLv2 or later license
 …
 == Changelog ===
+.2.22: Fix vulnerability (user meta)
 .2.21: Tested up to 6.7
 .2.20: Tested up to 6.6

wp-courses/trunk/ajax/ajax-user-meta.php

-                      r3011178
+                      r3203679
 <?php
     add_action( 'wp_footer', 'wpc_action_update_user_option_js' );
+add_action('wp_footer', 'wpc_action_update_user_option_js');
+    function wpc_action_update_user_option_js() { ?>
         <?php $ajax_nonce = wp_create_nonce( "wpc-user-meta-ajax" ); ?>
         <script type="text/javascript" >
+function wpc_action_update_user_option_js()
+{ ?>
+    <?php $ajax_nonce = wp_create_nonce("wpc-user-meta-ajax"); ?>
+    <script type="text/javascript">
         jQuery(document).ready(function($) {
             jQuery(document).on('click', '.wpc-ajax-user-meta-option', function(){
+            jQuery(document).on('click', '.wpc-ajax-user-meta-option', function() {
                 var data = {
                     'security'      : "<?php echo esc_js( $ajax_nonce ); ?>",
                     'action'        : 'wpc_update_user_meta',
                     'user_id'       : $(this).data('user-id'),
                     'meta_key'      : $(this).data('key'),
                     'meta_value'    : $(this).prop('checked') === true ? 'true' : 'false',
+                    'security': "<?php echo esc_js($ajax_nonce); ?>",
+                    'action': 'wpc_update_user_meta',
+                    'user_id': $(this).data('user-id'),
+                    'meta_key': $(this).data('key'),
+                    'meta_value': $(this).prop('checked') === true ? 'true' : 'false',
                 };
 …
         });
+        </script> <?php
+    </script>
+<?php
+}
+add_action('wp_ajax_wpc_update_user_meta', 'wpc_update_user_meta_option');
+function wpc_update_user_meta_option()
+{
+    check_ajax_referer('wpc-user-meta-ajax', 'security');
+    $user_id    = isset($_POST['user_id']) ? absint($_POST['user_id']) : 0;
+    $meta_key   = isset($_POST['meta_key']) ? sanitize_key($_POST['meta_key']) : '';
+    $meta_value = isset($_POST['meta_value']) ? sanitize_text_field($_POST['meta_value']) : '';
+    // Authorization check: Only allow changes for own user
+    if ($user_id !== get_current_user_id()) {
+        wp_die();
+    }
+    add_action( 'wp_ajax_wpc_update_user_meta', 'wpc_update_user_meta_option' );
+    function wpc_update_user_meta_option(){
+        check_ajax_referer( 'wpc-user-meta-ajax', 'security' );
+    // Allow-list of meta keys
+    $allowed_meta_keys = ['wpc-email-status'];
         $user_id    = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
         $meta_key   = isset( $_POST['meta_key'] ) ? sanitize_key( $_POST['meta_key'] ) : '';
         $meta_value = isset( $_POST['meta_value'] ) ? sanitize_text_field( $_POST['meta_value'] ) : '';
+    if ($user_id && in_array($meta_key, $allowed_meta_keys, true)) {
+        update_user_meta($user_id, $meta_key, $meta_value);
+    }
+        if ( $user_id && $meta_key !== '' ) {
+            update_user_meta( $user_id, $meta_key, $meta_value );
+        }
+        wp_die(); // required
+    }
+    wp_die();
+}
 ?>

wp-courses/trunk/wp-courses.php

-                      r3187948
+                      r3203679
  * Plugin Name: WP Courses LMS
  * Description: Create unlimited online courses on your WordPress website with WP Courses LMS.
  * Version: 3.2.21
+ * Version: 3.2.22
  * Author: WP Courses
  * Plugin URI: https://wpcoursesplugin.com
 …
         if (!empty($plugin_data['Version'])) {
             if (version_compare('3.2.7', $plugin_data['Version'], '>')) {
+            if (version_compare('3.2.8', $plugin_data['Version'], '>')) {
                 $output = 'You are using an outdated version of WP Courses LMS Premium. Please update to the latest version to ensure compatibility and security.';

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory