WordPress.org
Get WordPress

Plugin Directory

Changeset 3334940


Ignore:
Timestamp:
07/27/2025 04:04:25 PM (8 months ago)
Author:
creativehassan
Message:

Version 1.9.1 - Critical security fix for nonce bypass vulnerability

Location:
snap-pixel
Files:
38 added
3 edited

Legend:

Unmodified
Added
Removed

  • snap-pixel/trunk/README.md

    r3252591 r3334940  
    22
    33The Snap Pixel plugin provides a seamless way to integrate Snapchat's tracking pixel into your WordPress website and WooCommerce store. It allows you to track user interactions and conversions, helping you measure the effectiveness of your Snapchat advertising campaigns.
     4
     5## Current Version: 1.9.1
     6
     7**Latest Update (v1.9.1):** Critical security fix that addresses a nonce bypass vulnerability in AJAX handlers. This update replaces manual nonce verification with WordPress standard functions for improved security. Also removes deprecated `load_plugin_textdomain()` function call as WordPress handles translations automatically since version 4.6. Tested and confirmed compatible with WordPress 6.8
    48
    59## Key Features

  • snap-pixel/trunk/readme.txt

    r3254209 r3334940  
    66Tags: snapchat, snap pixel, snapchat pixel, snapchat tracking, woocommerce
    77Requires at least: 5.0
    8 Tested up to: 6.7.2
     8Tested up to: 6.8
    99Requires PHP: 5.6
    10 Stable tag: 1.9.0
     10Stable tag: 1.9.1
    1111License: GPLv2 or later
    1212License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    186186== Changelog ==
    187187
     188= 1.9.1 =
     189* Critical security fix: Fixed nonce bypass vulnerability in AJAX handlers that could allow unauthorized access to product data
     190* Replaced manual nonce verification with WordPress standard check_ajax_referer() function for improved security
     191* Updated JavaScript AJAX calls to use proper nonce parameter naming convention
     192* Removed deprecated load_plugin_textdomain() function call (WordPress handles translations automatically since 4.6)
     193* Tested and confirmed compatibility with WordPress 6.8.2
     194
    188195= 1.9.0 =
    189196* Security fix: Improved nonce verification in AJAX handlers to prevent potential security vulnerabilities
     
    246253== Upgrade Notice ==
    247254
     255= 1.9.1 =
     256Critical security update that fixes a nonce bypass vulnerability in AJAX handlers. Please upgrade immediately.
     257
    248258= 1.9.0 =
    249259Important security update that fixes a nonce verification vulnerability. Please upgrade immediately.

  • snap-pixel/trunk/snap-pixel.php

    r3254209 r3334940  
    44 * Plugin URI:  https://wordpress.org/plugins/snap-pixel
    55 * Description: Snapchat (Snap Pixel) to measure the cross-device impact of campaigns. It is best suited for your direct response goals, such as driving leads, subscriptions, or product sales.
    6  * Version:     1.9.0
     6 * Version:     1.9.1
    77 * Author:      Hassan Ali
    88 * Author URI:  https://creativehassan.com
     
    2121
    2222// Define plugin constants
    23 define( 'SNAP_PIXEL_VERSION', '1.9.0' );
     23define( 'SNAP_PIXEL_VERSION', '1.9.1' );
    2424define( 'SNAP_PIXEL_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
    2525define( 'SNAP_PIXEL_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
    2626define( 'SNAP_PIXEL_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );
    2727
    28 /**
    29  * Load plugin text domain.
    30  */
    31 function snap_pixel_load_textdomain() {
    32     load_plugin_textdomain( 'snap-pixel', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );
    33 }
    34 add_action( 'plugins_loaded', 'snap_pixel_load_textdomain' );
     28
    3529
    3630/**
Note: See TracChangeset for help on using the changeset viewer.