WordPress.org
Get WordPress

Plugin Directory

Changeset 3218040


Ignore:
Timestamp:
01/07/2025 01:17:47 AM (14 months ago)
Author:
g5theme
Message:
  • Fix error CSRF in setup pages
Location:
essential-real-estate/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • essential-real-estate/trunk/CHANGELOG.md

    r3210806 r3218040  
    11Changelog
    22=========
     3### 5.1.9 - January  07, 2025
     4* Fix error CSRF in setup pages
     5
    36### 5.1.8 - December 20, 2024
    47* Fix query property by features

  • essential-real-estate/trunk/admin/class-ere-admin-setup.php

    r3123067 r3218040  
    155155            $step            = ! empty( $_GET['step'] ) ? absint( wp_unslash( $_GET['step'] ) ) : 1;
    156156            if ( 3 === $step && ! empty( $_POST ) ) {
     157                if (!isset($_POST['_wpnonce']) || !wp_verify_nonce($_POST['_wpnonce'],'ere_setup_pages')) {
     158                    return;
     159                }
     160
    157161                $create_pages = isset( $_POST['ere-create-page'] ) ? ere_clean( wp_unslash( $_POST['ere-create-page'] ) ) : array();
    158162                $page_titles  = isset( $_POST['ere-page-title'] ) ? ere_clean( wp_unslash( $_POST['ere-page-title'] ) ) : array();
     
    215219
    216220                    <form action="<?php echo esc_url( add_query_arg( 'step', 3 ) ); ?>" method="post">
     221                        <?php wp_nonce_field('ere_setup_pages') ?>
    217222                        <table class="ere-shortcodes widefat">
    218223                            <thead>

  • essential-real-estate/trunk/essential-real-estate.php

    r3210806 r3218040  
    44 * Plugin URI: https://wordpress.org/plugins/essential-real-estate
    55 * Description: The latest plugins Real Estate you want. Completely all features, easy customize and override layout, functions. Supported global payment, build market, single, list property, single agent...etc. All fields are defined dynamic, they will help you can build any kind of Real Estate website.
    6  * Version: 5.1.8
     6 * Version: 5.1.9
    77 * Author: G5Theme
    88 * Author URI: http://themeforest.net/user/g5theme
     
    2929
    3030if (!defined('ERE_PLUGIN_VER')) {
    31     define('ERE_PLUGIN_VER', '5.1.8');
     31    define('ERE_PLUGIN_VER', '5.1.9');
    3232}
    3333if (!defined('ERE_PLUGIN_FILE')) {

  • essential-real-estate/trunk/readme.txt

    r3210806 r3218040  
    55Requires at least: 4.5
    66Tested up to: 6.6.2
    7 Stable tag: 5.1.8
     7Stable tag: 5.1.9
    88License: GPLv2 or later
    99License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    9999
    100100== Changelog ==
     101= 5.1.9 =
     102* Fix error CSRF in setup pages
     103
    101104= 5.1.8 =
    102105* Fix query property by features
Note: See TracChangeset for help on using the changeset viewer.