WordPress.org
Get WordPress

Plugin Directory

Changeset 3413383


Ignore:
Timestamp:
12/07/2025 07:37:27 AM (4 months ago)
Author:
nko
Message:

Update to version 3.4.6 from GitHub

Location:
ghostkit
Files:
10 edited
1 copied

Legend:

Unmodified
Added
Removed

  • ghostkit/tags/3.4.6/CHANGELOG.md

    r3410135 r3413383  
    22
    33All notable changes to this project will be documented in this file.
     4
     5= 3.4.6 - Dec 7, 2025 =
     6
     7* fixed incorrect double escaping of Effects extension attribute because of WP 6.9 changes
     8* **Pro:**
     9* fixed incorrect double escaping of Attributes extension attribute because of WP 6.9 changes
    410
    511= 3.4.5 - Dec 3, 2025 =

  • ghostkit/tags/3.4.6/class-ghost-kit.php

    r3410135 r3413383  
    33 * Plugin Name:  Ghost Kit
    44 * Description:  Page Builder Blocks and Extensions for Gutenberg
    5  * Version:      3.4.5
     5 * Version:      3.4.6
    66 * Plugin URI:   https://www.ghostkit.io/?utm_source=wordpress.org&utm_medium=readme&utm_campaign=byline
    77 * Author:       Ghost Kit Team
     
    1919
    2020if ( ! defined( 'GHOSTKIT_VERSION' ) ) {
    21     define( 'GHOSTKIT_VERSION', '3.4.5' );
     21    define( 'GHOSTKIT_VERSION', '3.4.6' );
    2222}
    2323

  • ghostkit/tags/3.4.6/gutenberg/extend/effects/index.php

    r3037555 r3413383  
    4848     */
    4949    public function render_block( $block_content, $block, $block_type ) {
     50        global $wp_version;
    5051        $has_effects_support = block_has_support( $block_type, array( 'ghostkit', 'effects' ), null );
    5152
     
    7576            $effects_data_string = wp_json_encode( $effects_data );
    7677
    77             $processor->set_attribute( 'data-gkt-effects', esc_attr( $effects_data_string ) );
     78            // WP 6.9+ automatically escapes attributes in WP_HTML_Tag_Processor.
     79            // For older versions, we need to manually escape to prevent XSS.
     80            //
     81            // Possible related issues:
     82            // - https://github.com/WordPress/wordpress-develop/pull/10591
     83            // - https://core.trac.wordpress.org/ticket/64340 .
     84            if ( version_compare( $wp_version, '6.9', '<' ) ) {
     85                $effects_data_string = esc_attr( $effects_data_string );
     86            }
     87
     88            $processor->set_attribute( 'data-gkt-effects', $effects_data_string );
    7889
    7990            if ( ! empty( $effects_data['reveal'] ) ) {

  • ghostkit/tags/3.4.6/languages/ghostkit.pot

    r3410135 r3413383  
    33msgid ""
    44msgstr ""
    5 "Project-Id-Version: Ghost Kit 3.4.5\n"
     5"Project-Id-Version: Ghost Kit 3.4.6\n"
    66"Report-Msgid-Bugs-To: https://github.com/nk-o/ghostkit/issues\n"
    77"Last-Translator: nK\n"
     
    1010"Content-Type: text/plain; charset=UTF-8\n"
    1111"Content-Transfer-Encoding: 8bit\n"
    12 "POT-Creation-Date: 2025-12-03T20:43:43+00:00\n"
     12"POT-Creation-Date: 2025-12-07T07:35:58+00:00\n"
    1313"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
    1414"X-Generator: WP-CLI 2.9.0\n"

  • ghostkit/tags/3.4.6/readme.txt

    r3410135 r3413383  
    77* Tested up to: 6.9
    88* Requires PHP: 7.2
    9 * Stable tag: 3.4.5
     9* Stable tag: 3.4.6
    1010* License: GPLv2 or later
    1111* License URI: <http://www.gnu.org/licenses/gpl-2.0.html>
     
    270270
    271271## Changelog ##
     272
     273= 3.4.6 - Dec 7, 2025 =
     274
     275* fixed incorrect double escaping of Effects extension attribute because of WP 6.9 changes
     276* **Pro:**
     277* fixed incorrect double escaping of Attributes extension attribute because of WP 6.9 changes
    272278
    273279= 3.4.5 - Dec 3, 2025 =

  • ghostkit/trunk/CHANGELOG.md

    r3410135 r3413383  
    22
    33All notable changes to this project will be documented in this file.
     4
     5= 3.4.6 - Dec 7, 2025 =
     6
     7* fixed incorrect double escaping of Effects extension attribute because of WP 6.9 changes
     8* **Pro:**
     9* fixed incorrect double escaping of Attributes extension attribute because of WP 6.9 changes
    410
    511= 3.4.5 - Dec 3, 2025 =

  • ghostkit/trunk/class-ghost-kit.php

    r3410135 r3413383  
    33 * Plugin Name:  Ghost Kit
    44 * Description:  Page Builder Blocks and Extensions for Gutenberg
    5  * Version:      3.4.5
     5 * Version:      3.4.6
    66 * Plugin URI:   https://www.ghostkit.io/?utm_source=wordpress.org&utm_medium=readme&utm_campaign=byline
    77 * Author:       Ghost Kit Team
     
    1919
    2020if ( ! defined( 'GHOSTKIT_VERSION' ) ) {
    21     define( 'GHOSTKIT_VERSION', '3.4.5' );
     21    define( 'GHOSTKIT_VERSION', '3.4.6' );
    2222}
    2323

  • ghostkit/trunk/gutenberg/extend/effects/index.php

    r3037555 r3413383  
    4848     */
    4949    public function render_block( $block_content, $block, $block_type ) {
     50        global $wp_version;
    5051        $has_effects_support = block_has_support( $block_type, array( 'ghostkit', 'effects' ), null );
    5152
     
    7576            $effects_data_string = wp_json_encode( $effects_data );
    7677
    77             $processor->set_attribute( 'data-gkt-effects', esc_attr( $effects_data_string ) );
     78            // WP 6.9+ automatically escapes attributes in WP_HTML_Tag_Processor.
     79            // For older versions, we need to manually escape to prevent XSS.
     80            //
     81            // Possible related issues:
     82            // - https://github.com/WordPress/wordpress-develop/pull/10591
     83            // - https://core.trac.wordpress.org/ticket/64340 .
     84            if ( version_compare( $wp_version, '6.9', '<' ) ) {
     85                $effects_data_string = esc_attr( $effects_data_string );
     86            }
     87
     88            $processor->set_attribute( 'data-gkt-effects', $effects_data_string );
    7889
    7990            if ( ! empty( $effects_data['reveal'] ) ) {

  • ghostkit/trunk/languages/ghostkit.pot

    r3410135 r3413383  
    33msgid ""
    44msgstr ""
    5 "Project-Id-Version: Ghost Kit 3.4.5\n"
     5"Project-Id-Version: Ghost Kit 3.4.6\n"
    66"Report-Msgid-Bugs-To: https://github.com/nk-o/ghostkit/issues\n"
    77"Last-Translator: nK\n"
     
    1010"Content-Type: text/plain; charset=UTF-8\n"
    1111"Content-Transfer-Encoding: 8bit\n"
    12 "POT-Creation-Date: 2025-12-03T20:43:43+00:00\n"
     12"POT-Creation-Date: 2025-12-07T07:35:58+00:00\n"
    1313"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
    1414"X-Generator: WP-CLI 2.9.0\n"

  • ghostkit/trunk/readme.txt

    r3410135 r3413383  
    77* Tested up to: 6.9
    88* Requires PHP: 7.2
    9 * Stable tag: 3.4.5
     9* Stable tag: 3.4.6
    1010* License: GPLv2 or later
    1111* License URI: <http://www.gnu.org/licenses/gpl-2.0.html>
     
    270270
    271271## Changelog ##
     272
     273= 3.4.6 - Dec 7, 2025 =
     274
     275* fixed incorrect double escaping of Effects extension attribute because of WP 6.9 changes
     276* **Pro:**
     277* fixed incorrect double escaping of Attributes extension attribute because of WP 6.9 changes
    272278
    273279= 3.4.5 - Dec 3, 2025 =
Note: See TracChangeset for help on using the changeset viewer.