
Changeset 3416916


Timestamp:
12/11/2025 02:57:21 AM (4 months ago)
Author:
LogicHunt
Message:

Fixed stored XSS vulnerability in multiple color fields.

Location:
logo-slider-wp
Files:
125 added
4 edited

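--- a/logo-slider-wp/trunk/admin/class-logo-slider-wp-admin.php
+++ b/logo-slider-wp/trunk/admin/class-logo-slider-wp-admin.php
@@ -1003,5 +1003,7 @@
 
                 $savable_Data['lgx_carousel_nav_position']          = (( isset($postData['lgx_carousel_nav_position'])) ? sanitize_text_field( $postData['lgx_carousel_nav_position'] ): 'top_right');
+             
                 $savable_Data['lgx_carousel_nav_color']             = (( isset($postData['lgx_carousel_nav_color'])) ? sanitize_text_field( $postData['lgx_carousel_nav_color'] ): '#ffffff');
+
                 $savable_Data['lgx_carousel_nav_color_hover']       = (( isset($postData['lgx_carousel_nav_color_hover'])) ? sanitize_text_field( $postData['lgx_carousel_nav_color_hover'] ): '#ffffff');
                 $savable_Data['lgx_carousel_nav_bg_color']          = (( isset($postData['lgx_carousel_nav_bg_color'])) ? sanitize_text_field( $postData['lgx_carousel_nav_bg_color'] ): '#222b30');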
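--- a/logo-slider-wp/trunk/includes/LgxMetaForm.php
+++ b/logo-slider-wp/trunk/includes/LgxMetaForm.php
@@ -440,41 +440,41 @@
 
 
-
-    /**
-     * @param array $args
-     *  hexa, rgba
-     */
-    public function color( array $args ) {
-        global $post;
-
-        if ( ! isset( $args['id'], $args['name'] , $args['label'] ) ) {
-            return;
-        }
-
-        $status        = isset( $args['status'] ) ? $args['status'] : '';
-        $is_pro       = (( $status == 'disabled') ? 'disabled' : '');
-        $is_pro_label = (( $status== 'disabled') ? '<span class="lgx_meta_field_mark_pro_wrap"><span class="lgx_meta_field_mark">'.__('Pro', 'logo-slider-wp').'</span></span>' : '');
-
-        $output= '<tr>';
-
-        $output.= '<th scope="row">';
-        $output.= '<h4 class="lgx_app_meta_label"><label for="'.$args['id'].'">'. $args['label'].'</label></h4>';
-        $output.= '<p class="lgx_input_desc lgx_app_meta_desc">'. $args['desc'].'</p>';
-        $output.= '</th>';
-
-        $default_value = isset( $args['default'] ) ? $args['default'] : '';
-        $meta          = get_post_meta( $post->ID, '_lgx_lsp_shortcodes_meta', true );
-        $meta_value    = (! empty( $meta[$args['id']] ) ? $meta[$args['id']] : $default_value);
-
-        $output.= '<td>';
-        $output.= '<input type="text" value="'.$meta_value.'" id="'.$args['id'].'" class="lgx_app_meta_filed lgx_color_picker" name="'. $args['name'].'" data-default-color="'.$meta_value.'" data-alpha-enabled="true" '.$is_pro.'>';
-        $output.= $is_pro_label;
-        $output.= '</td>';
-
-        $output.= '</tr>';
-
-        echo force_balance_tags($output);
-    }
-
+/**
+ * @param array $args
+ * hexa, rgba
+ */
+public function color( array $args ) {
+    global $post;
+
+    if ( ! isset( $args['id'], $args['name'], $args['label'] ) ) {
+        return;
+    }
+
+    $status        = isset( $args['status'] ) ? $args['status'] : '';
+    $is_pro        = ( $status === 'disabled' ) ? 'disabled' : '';
+    $is_pro_label  = ( $status === 'disabled' )
+        ? '<span class="lgx_meta_field_mark_pro_wrap"><span class="lgx_meta_field_mark">'.esc_html__('Pro', 'logo-slider-wp').'</span></span>'
+        : '';
+
+    $output  = '<tr>';
+    $output .= '<th scope="row">';
+    $output .= '<h4 class="lgx_app_meta_label"><label for="' . esc_attr($args['id']) . '">' . esc_html($args['label']) . '</label></h4>';
+    $output .= '<p class="lgx_input_desc lgx_app_meta_desc">' . esc_html($args['desc']) . '</p>';
+    $output .= '</th>';
+
+    $default_value = isset( $args['default'] ) ? $args['default'] : '';
+    $meta          = get_post_meta( $post->ID, '_lgx_lsp_shortcodes_meta', true );
+
+    $meta_raw      = ! empty( $meta[$args['id']] ) ? $meta[$args['id']] : $default_value;
+    $meta_value    = esc_attr( $meta_raw ); // <-- ONLY THIS is correct for output
+
+    $output .= '<td>';
+    $output .= '<input type="text" value="' . $meta_value . '" id="' . esc_attr($args['id']) . '" class="lgx_app_meta_filed lgx_color_picker" name="' . esc_attr($args['name']) . '" data-default-color="' . esc_attr($meta_value) . '" data-alpha-enabled="true" ' . $is_pro . '>';
+    $output .= $is_pro_label;
+    $output .= '</td>';
+    $output .= '</tr>';
+
+    echo $output;
+}
 
 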
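Review bot: The `data-default-color` attribute on the new `<input>` line is escaped twice: `$meta_value` is already `esc_attr( $meta_raw )` two lines above, and the attribute wraps it in `esc_attr()` again, so a stored value containing `&` would render as `&amp;amp;`; use `data-default-color="' . esc_attr( $meta_raw ) . '"` so both attributes carry the same single-escaped value, and reword the `ONLY THIS is correct for output` comment, which the next lines contradict. The `isset` guard still omits `$args['desc']`, which `esc_html( $args['desc'] )` reads unconditionally a few lines later; `esc_html( isset( $args['desc'] ) ? $args['desc'] : '' )` matches the style already used for `status` and `default`. As rendered, the new method sits at column 0 with a 4-space body while the removed version was indented one level inside the class, so it is worth confirming the file's indentation was not lost in the paste. Note that `esc_attr()` protects only this attribute context; if the stored colour is also written into inline CSS elsewhere, that output path needs its own escaping, which this hunk cannot show.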
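--- a/logo-slider-wp/trunk/logo-slider-wp.php
+++ b/logo-slider-wp/trunk/logo-slider-wp.php
@@ -11,5 +11,5 @@
  * Plugin URI:        https://logichunt.com/product/wordpress-logo-slider/
  * Description:       Ultimate & Most Popular Responsive Logo Showcase Slider. Display Unlimited Client, Supporter, Partner, Sponsor, or Brand Logo with Infinite Slides Loop.
- * Version:           4.8.0
+ * Version:           4.9.0
  * Author:            LogicHunt Inc.
  * Author URI:        http://logichunt.com
@@ -28,5 +28,5 @@
 
 //plugin definition specific constants
-defined( 'LGX_LS_PLUGIN_VERSION' )        or define( 'LGX_LS_PLUGIN_VERSION', '4.8.0' );
+defined( 'LGX_LS_PLUGIN_VERSION' )        or define( 'LGX_LS_PLUGIN_VERSION', '4.9.0' );
 defined( 'LGX_LS_WP_PLUGIN' )             or define( 'LGX_LS_WP_PLUGIN', 'logo-slider-wp' );
 defined( 'LGX_LS_PLUGIN_BASE' )           or define( 'LGX_LS_PLUGIN_BASE', plugin_basename( __FILE__ ) );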
  • logo-slider-wp/trunk/readme.txt

    r3339911 r3416916  
    44TagsTags: logo slider, logo carousel, logo showcase, logo grid, wordpress logo slider, client logo slider, brand logo carousel slider, sponsors logo slider, logo carousel slider, responsive slider, wordpress logo slider, logo ticker, wordpress logo carousel, logo slideshow, partners slider, affiliates, supporters logo slider, team slider, team showcase, wordpress logo showcase, wp logo slider
    55Requires at least: 4.3
    6 Tested up to: 6.8.1
    7 Stable tag: 4.8.0
     6Tested up to: 6.9
     7Stable tag: 4.9.0
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    200200== Changelog ==
    201201
     202*= 4.9.0 =
     203* Security: Fixed stored XSS vulnerability in multiple color picker fields.
     204* Security: Added sanitization on save and escaping on output for all color settings.
     205* Security: Improved validation for Shortcode Generator user input.
     206* Enhancement: Confirmed compatibility with WordPress 6.9.
     207
    202208= 4.8.0 =
    203209* Check Latest Compatibility.