WordPress.org
Get WordPress

Plugin Directory

Changeset 3284108


Ignore:
Timestamp:
04/29/2025 12:44:45 PM (11 months ago)
Author:
karim42
Message:

Security: Fixed XSS vulnerabilities in admin settings fields

Location:
quran-text-multilanguage/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • quran-text-multilanguage/trunk/admin/quran-admin.php

    r2517986 r3284108  
    292292<th scope="row" id="thadminquran">Change sura text </th>
    293293<td>
    294    <label><input type="text" name="option[quran_changesuratxt]" value="<?php echo get_option('quran_changesuratxt'); ?>"></label>
     294   <label><input type="text" name="option[quran_changesuratxt]" value="<?php echo esc_attr(get_option('quran_changesuratxt')); ?>"></label>
    295295</td>
    296296</tr>
     
    299299<th scope="row" id="thadminquran">Change language text </th>
    300300<td>
    301    <label><input type="text" name="option[quran_changelangtxt]" value="<?php echo get_option('quran_changelangtxt'); ?>"></label>
     301   <label><input type="text" name="option[quran_changelangtxt]" value="<?php echo esc_attr(get_option('quran_changelangtxt')); ?>"></label>
    302302</td>
    303303</tr>
     
    306306<th scope="row" id="thadminquran">Change recitator text </th>
    307307<td>
    308    <label><input type="text" name="option[quran_changerecitatortxt]" value="<?php echo get_option('quran_changerecitatortxt'); ?>"></label>
     308   <label><input type="text" name="option[quran_changerecitatortxt]" value="<?php echo esc_attr(get_option('quran_changerecitatortxt')); ?>"></label>
    309309</td>
    310310</tr>

  • quran-text-multilanguage/trunk/quran-text-multilanguage.php

    r3203456 r3284108  
    77Description: Quran Text Multilanguage translated into 29 languages. Full ajax version and responsive. Fully customizable. More reciter...
    88
    9 Version: 2.3.23
    10 * Important: This update includes critical security fixes
     9Version: 2.3.24
     10* Important: This update includes critical security fixes for XSS vulnerabilities
    1111Author: Bahmed karim
    1212

  • quran-text-multilanguage/trunk/readme.txt

    r3203456 r3284108  
    373373 - fix preg_match sourate parameter
    374374
     375= 2.3.24 =
     376* Security: Fixed XSS vulnerabilities in admin settings fields
     377* Security: Added proper escaping for text input fields using esc_attr()
     378
Note: See TracChangeset for help on using the changeset viewer.