WordPress.org
Get WordPress

Plugin Directory

Changeset 3435504


Ignore:
Timestamp:
01/08/2026 09:58:42 PM (2 months ago)
Author:
Dharm1025
Message:

Releasing version 1.8.1 to WordPress.org plugin repository.

Location:
mailchimp/tags/1.8.1
Files:
3 edited
1 copied

Legend:

Unmodified
Added
Removed

  • mailchimp/tags/1.8.1/mailchimp.php

    r3290145 r3435504  
    55 * Description:       Add a Mailchimp signup form block, widget or shortcode to your WordPress site.
    66 * Text Domain:       mailchimp
    7  * Version:           1.8.0
     7 * Version:           1.8.1
    88 * Requires at least: 6.4
    99 * Requires PHP:      7.0
     
    6868
    6969// Version constant for easy CSS refreshes
    70 define( 'MCSF_VER', '1.8.0' );
     70define( 'MCSF_VER', '1.8.1' );
    7171
    7272// What's our permission (capability) threshold
     
    565565    }
    566566
     567    if (
     568        ! current_user_can( MCSF_CAP_THRESHOLD ) ||
     569        ! isset( $_POST['update_mc_list_id_nonce'] ) ||
     570        ! wp_verify_nonce( sanitize_key( $_POST['update_mc_list_id_nonce'] ), 'update_mc_list_id_action' )
     571    ) {
     572        wp_die( 'Security check failed.' );
     573    }
     574
    567575    if ( empty( $_POST['mc_list_id'] ) ) {
    568576        $msg = esc_html__( 'Please choose a valid list', 'mailchimp' );
     
    570578        return;
    571579    }
    572 
    573     // Simple permission check before going through all this
    574     if ( ! current_user_can( MCSF_CAP_THRESHOLD ) ) { return; }
    575580
    576581    $api = mailchimp_sf_get_api();

  • mailchimp/tags/1.8.1/readme.txt

    r3290145 r3435504  
    33Tags:         mailchimp, email, newsletter, signup, marketing
    44Tested up to: 6.8
    5 Stable tag:   1.8.0
     5Stable tag:   1.8.1
    66License:      GPL-2.0-or-later
    77License URI:  https://spdx.org/licenses/GPL-2.0-or-later.html
     
    8181
    8282== Changelog ==
     83
     84= 1.8.1 - 2026-01-08 =
     85* **Fix:** Provide CSRF hardening for Mailchimp List changes.
    8386
    8487= 1.8.0 - 2025-05-08 =

  • mailchimp/tags/1.8.1/views/setup_page.php

    r3290145 r3435504  
    8989                        <td>
    9090                            <input type="hidden" name="mcsf_action" value="update_mc_list_id" />
     91                            <?php wp_nonce_field( 'update_mc_list_id_action', 'update_mc_list_id_nonce' ); ?>
    9192                            <input type="submit" name="Submit" value="<?php esc_attr_e( 'Update List', 'mailchimp' ); ?>" class="button mailchimp-sf-button small" />
    9293                        </td>
Note: See TracChangeset for help on using the changeset viewer.