WordPress.org
Get WordPress

Plugin Directory

Changeset 3246258


Ignore:
Timestamp:
02/25/2025 08:38:24 AM (13 months ago)
Author:
israpil
Message:

Fix: missing authorization to authenticated (Subscriber) settings update. Credits to @truonghuuphuc

Location:
webtexttool/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • webtexttool/trunk/README.txt

    r3200807 r3246258  
    44Requires at least: 3.5 or higher
    55Tested up to: 6.7
    6 Stable tag: 3.6.1
     6Stable tag: 3.6.2
    77License: GPLv2 or later
    88License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    8484
    8585== Changelog ==
     86
     87= 3.6.2 =
     88
     89Release Date: February 25th, 2025
     90
     91* Fix: missing authorization to authenticated (Subscriber) settings update. Credits to @truonghuuphuc
    8692
    8793= 3.6.1 =

  • webtexttool/trunk/admin/class-webtexttool-admin.php

    r2396001 r3246258  
    507507        $action = $this->get_webtexttoolnonce_action(); // text used to generate or check the nonce.
    508508        $option_key = "webtexttool_auth";
     509
     510        if (!current_user_can('edit_posts')) {
     511            exit;
     512        }
     513
    509514        // check if the nonce and data exist, otherwise exit
    510515        if (array_key_exists('nonce', $_POST) && array_key_exists('data', $_POST)) {
     
    547552        $output = ["message" => 'server ajax failed']; // set default output message
    548553        $action = $this->get_webtexttoolnonce_action(); // text used to generate or check the nonce.
     554
     555        if (!current_user_can('edit_posts')) {
     556            exit;
     557        }
     558
    549559        // check if the nonce and data exist, otherwise exit
    550560        if (array_key_exists('nonce', $_POST) && array_key_exists('data', $_POST)) {
     
    553563                $post_data = $_POST['data'];
    554564
    555                 update_option('tm_doctypes', $post_data);
     565                update_option('tm_doctypes', $post_data, false);
    556566                $output['message'] = 'success';
    557567            }

  • webtexttool/trunk/webtexttool.php

    r3144192 r3246258  
    77 * Plugin URI:        https://www.textmetrics.com
    88 * Description:       Textmetrics is the easiest way to create SEO proof content to rank higher and get more traffic. Realtime optimization, keyword research and more.
    9  * Version:           3.6.1
     9 * Version:           3.6.2
    1010 * Author:            Textmetrics
    1111 * Author URI:        https://www.textmetrics.com
     
    1616 */
    1717
    18 define('WTT_VERSION', '3.6.1');
     18define('WTT_VERSION', '3.6.2');
    1919define('WTT_SHORT_URL', "api.textmetrics.com");
    2020define('WTT_BASE_API_URL', 'https://api.textmetrics.com/');
Note: See TracChangeset for help on using the changeset viewer.