WordPress.org
Get WordPress

Plugin Directory

Changeset 3435506


Ignore:
Timestamp:
01/08/2026 10:02:00 PM (2 months ago)
Author:
Dharm1025
Message:

Releasing version 1.9.1 to WordPress.org plugin repository.

Location:
mailchimp/tags/1.9.1
Files:
3 edited
1 copied

Legend:

Unmodified
Added
Removed

  • mailchimp/tags/1.9.1/includes/admin/templates/settings.php

    r3306750 r3435506  
    104104                                    <td>
    105105                                        <input type="hidden" name="mcsf_action" value="update_mc_list_id" />
     106                                        <?php wp_nonce_field( 'update_mc_list_id_action', 'update_mc_list_id_nonce' ); ?>
    106107                                        <input type="submit" name="Submit" value="<?php esc_attr_e( 'Update List', 'mailchimp' ); ?>" class="button mailchimp-sf-button small" />
    107108                                    </td>

  • mailchimp/tags/1.9.1/mailchimp.php

    r3306750 r3435506  
    55 * Description:       Add a Mailchimp signup form block, widget or shortcode to your WordPress site.
    66 * Text Domain:       mailchimp
    7  * Version:           1.9.0
     7 * Version:           1.9.1
    88 * Requires at least: 6.4
    99 * Requires PHP:      7.0
     
    6868
    6969// Version constant for easy CSS refreshes
    70 define( 'MCSF_VER', '1.9.0' );
     70define( 'MCSF_VER', '1.9.1' );
    7171
    7272// What's our permission (capability) threshold
     
    531531    }
    532532
     533    if (
     534        ! current_user_can( MCSF_CAP_THRESHOLD ) ||
     535        ! isset( $_POST['update_mc_list_id_nonce'] ) ||
     536        ! wp_verify_nonce( sanitize_key( $_POST['update_mc_list_id_nonce'] ), 'update_mc_list_id_action' )
     537    ) {
     538        wp_die( 'Security check failed.' );
     539    }
     540
    533541    if ( empty( $_POST['mc_list_id'] ) ) {
    534542        $msg = esc_html__( 'Please choose a valid list', 'mailchimp' );
     
    536544        return;
    537545    }
    538 
    539     // Simple permission check before going through all this
    540     if ( ! current_user_can( MCSF_CAP_THRESHOLD ) ) { return; }
    541546
    542547    $api = mailchimp_sf_get_api();

  • mailchimp/tags/1.9.1/readme.txt

    r3306750 r3435506  
    33Tags:         mailchimp, email, newsletter, signup, marketing
    44Tested up to: 6.8
    5 Stable tag:   1.9.0
     5Stable tag:   1.9.1
    66License:      GPL-2.0-or-later
    77License URI:  https://spdx.org/licenses/GPL-2.0-or-later.html
     
    8080
    8181== Changelog ==
     82
     83= 1.9.1 - 2026-01-08 =
     84* **Fix:** Provide CSRF hardening for Mailchimp List changes.
    8285
    8386= 1.9.0 - 2025-06-04 =
Note: See TracChangeset for help on using the changeset viewer.