Changeset 3273163


Timestamp: 04/15/2025 08:37:08 AM (11 months ago)
Author: israpil
Message: Fix: Properly escaped Open Graph image URL input field to prevent potential XSS vulnerabilities. Credits to @nblirwn
Location: webtexttool/trunk
Files: 4 edited

  • webtexttool/trunk/README.txt

    r3246258 r3273163  
    44Requires at least: 3.5 or higher
    55Tested up to: 6.7
    6 Stable tag: 3.6.2
     6Stable tag: 3.6.3
    77License: GPLv2 or later
    88License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    8484
    8585== Changelog ==
     86
     87= 3.6.3 =
     88
     89Release Date: April 15th, 2025
     90
     91* Fix: Properly escaped Open Graph image URL input field to prevent potential XSS vulnerabilities. Credits to @nblirwn
    8692
    8793= 3.6.2 =
  • webtexttool/trunk/admin/partials/social/wtt-social-image-settings.php

    r1608237 r3273163  
    11<div id="social-image-settings">
    22    <label class="select" for="opengraph_image">Use default image:</label>
    3     <input type="text" id="opengraph_image" name="wtt_social[opengraph_image]" value="<?php echo (($wtt_social['opengraph_image']) <> '') ? $wtt_social['opengraph_image'] : '' ?>">
     3    <input type="text" id="opengraph_image" name="wtt_social[opengraph_image]" value="<?php echo (($wtt_social['opengraph_image']) <> '') ? esc_attr($wtt_social['opengraph_image']) : '' ?>">
    44    <input id="wtt_opengraph-image_button" class="wtt_image_upload_button button"
    55           type="button" value="Upload image">
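
Review bot: On the changed input line (new line 3), the ternary around esc_attr() is redundant and still reads $wtt_social['opengraph_image'] without checking that the key exists. esc_attr() of an empty string is an empty string, so the comparison against '' adds nothing; echoing esc_attr() of the value behind an isset() check would be shorter and would avoid an undefined-index notice when the key is unset. esc_attr() is the right escaper for a value attribute. Because the field holds an image URL, it is also worth confirming that the value is validated as a URL when the setting is saved; none of the four files in this changeset touches a save path.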
  • webtexttool/trunk/core/class-webtexttool-social.php

    r3043558 r3273163  
    10331033            if (!$imageIsDone) {
    10341034                if (!empty($wtt_social['og_image_use_default']) && $wtt_social['og_image_use_default'] == "on") {
    1035                     $openGraphImage = $wtt_social['opengraph_image'];
     1035                    $openGraphImage = htmlspecialchars($wtt_social['opengraph_image'],ENT_QUOTES,'UTF-8' );
    10361036                } else {
    10371037                    $openGraphImage = '';
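
Review bot: At new line 1035 the value is HTML-encoded when it is assigned to $openGraphImage, not where it is printed, and only inside the og_image_use_default branch. The output site is not visible in this hunk, so two things need checking: any other assignment to $openGraphImage (for example the path taken when $imageIsDone is already true) stays unescaped unless it is handled separately, and an already-encoded value in the variable will be wrong if it is later used outside HTML or passed through htmlspecialchars() again. Suggest keeping the assignment raw and escaping at the point of output with esc_url() or esc_attr(), which would also match the esc_attr() call in wtt-social-image-settings.php instead of a bare htmlspecialchars(). Minor style point: the argument list ,ENT_QUOTES,'UTF-8' ) has inconsistent spacing.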
  • webtexttool/trunk/webtexttool.php

    r3246258 r3273163  
    77 * Plugin URI:        https://www.textmetrics.com
    88 * Description:       Textmetrics is the easiest way to create SEO proof content to rank higher and get more traffic. Realtime optimization, keyword research and more.
    9  * Version:           3.6.2
     9 * Version:           3.6.3
    1010 * Author:            Textmetrics
    1111 * Author URI:        https://www.textmetrics.com
     
    1616 */
    1717
    18 define('WTT_VERSION', '3.6.2');
     18define('WTT_VERSION', '3.6.3');
    1919define('WTT_SHORT_URL', "api.textmetrics.com");
    2020define('WTT_BASE_API_URL', 'https://api.textmetrics.com/');