WordPress.org
Get WordPress

Plugin Directory

Changeset 3474342


Ignore:
Timestamp:
03/04/2026 09:05:58 AM (8 days ago)
Author:
dueclic
Message:

Update to version 3.5.2 from GitHub

Location:
emailchef
Files:
6 added
10 edited
1 copied

Legend:

Unmodified
Added
Removed

  • emailchef/tags/3.5.2/.wordpress-org/readme/README.md

    r3407781 r3474342  
    55Requires at least: 5.0
    66Tested up to: 6.9
    7 Stable tag: 3.5.1
     7Stable tag: 3.5.2
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    4242
    4343== Changelog ==
     44= 3.5.2 =
     45* Security: added capability check and nonce verification on AJAX endpoints
     46* Fix: sanitize POST parameters in page_forms_ajax_form
     47* bump version to 3.5.2
    4448
    4549= 3.5.1 =

  • emailchef/tags/3.5.2/README.md

    r3407781 r3474342  
    55Requires at least: 5.0
    66Tested up to: 6.9
    7 Stable tag: 3.5.1
     7Stable tag: 3.5.2
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    4242
    4343== Changelog ==
     44= 3.5.2 =
     45* Security: added capability check and nonce verification on AJAX endpoints
     46* Fix: sanitize POST parameters in page_forms_ajax_form
     47* bump version to 3.5.2
    4448
    4549= 3.5.1 =

  • emailchef/tags/3.5.2/admin/class-emailchef-admin.php

    r3226665 r3474342  
    7878        wp_enqueue_script( $this->plugin_name.'-admin' , plugin_dir_url( __FILE__ ) . 'js/emailchef-admin.js', array( 'jquery' ), $this->version, false );
    7979        wp_localize_script($this->plugin_name.'-admin', 'emailchefI18n', [
    80             'disconnect_account_confirm' => __('Are you sure you want to disconnect your account?', 'emailchef')
     80            'disconnect_account_confirm' => __('Are you sure you want to disconnect your account?', 'emailchef'),
     81            'nonce' => wp_create_nonce('emailchef_ajax_nonce'),
    8182        ] );
    8283    }
     
    180181    public function page_options_ajax_check_login() {
    181182
     183        check_ajax_referer('emailchef_ajax_nonce', 'nonce');
     184
     185        if ( ! current_user_can('manage_options') ) {
     186            wp_send_json_error(null, 403);
     187        }
     188
    182189        $consumer_key     = sanitize_text_field($_POST['consumer_key']);
    183190        $consumer_secret = sanitize_text_field($_POST['consumer_secret']);
     
    200207    public function page_options_ajax_disconnect() {
    201208
     209        check_ajax_referer('emailchef_ajax_nonce', 'nonce');
     210
     211        if ( ! current_user_can('manage_options') ) {
     212            wp_send_json_error(null, 403);
     213        }
     214
    202215        delete_option('emailchef_settings');
    203216        delete_option(Emailchef_Forms_Option::OPTION_NAME);
     
    213226    public function page_forms_ajax_form() {
    214227        global $wpdb; // this is how you get access to the database
     228
     229        check_ajax_referer('emailchef_ajax_nonce', 'nonce');
     230
     231        if ( ! current_user_can('manage_options') ) {
     232            wp_send_json_error(null, 403);
     233        }
    215234        include_once plugin_dir_path( __FILE__ ) . '../includes/class-emailchef-forms-option.php';
    216235        include_once plugin_dir_path( __FILE__ ) . '../includes/drivers/class-emailchef-drivers-forms.php';

  • emailchef/tags/3.5.2/admin/js/emailchef-admin.js

    r3226665 r3474342  
    1010                'action': 'emailchef_check_login',
    1111                'consumer_key': email,
    12                 'consumer_secret': password
     12                'consumer_secret': password,
     13                'nonce': emailchefI18n.nonce
    1314            };
    1415
     
    2627
    2728                var data = {
    28                     'action': 'emailchef_disconnect'
     29                    'action': 'emailchef_disconnect',
     30                    'nonce': emailchefI18n.nonce
    2931                };
    3032
     
    112114                'action': 'emailchef_forms_form',
    113115                'id': $(that).data('id'),
    114                 'driver': $(that).data('driver')
     116                'driver': $(that).data('driver'),
     117                'nonce': emailchefI18n.nonce
    115118            };
    116119

  • emailchef/tags/3.5.2/emailchef.php

    r3407781 r3474342  
    99 * Plugin URI:        https://emailchef.com/
    1010 * Description:       Emailchef: the easiest way to create great newsletters. Sync form submissions automatically from Elementor, Contact Form 7, FSCF, and Jetpack.
    11  * Version:           3.5.1
     11 * Version:           3.5.2
    1212 * Author:            emailchef
    1313 * Author URI:        https://www.emailchef.com

  • emailchef/trunk/.wordpress-org/readme/README.md

    r3407781 r3474342  
    55Requires at least: 5.0
    66Tested up to: 6.9
    7 Stable tag: 3.5.1
     7Stable tag: 3.5.2
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    4242
    4343== Changelog ==
     44= 3.5.2 =
     45* Security: added capability check and nonce verification on AJAX endpoints
     46* Fix: sanitize POST parameters in page_forms_ajax_form
     47* bump version to 3.5.2
    4448
    4549= 3.5.1 =

  • emailchef/trunk/README.md

    r3407781 r3474342  
    55Requires at least: 5.0
    66Tested up to: 6.9
    7 Stable tag: 3.5.1
     7Stable tag: 3.5.2
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    4242
    4343== Changelog ==
     44= 3.5.2 =
     45* Security: added capability check and nonce verification on AJAX endpoints
     46* Fix: sanitize POST parameters in page_forms_ajax_form
     47* bump version to 3.5.2
    4448
    4549= 3.5.1 =

  • emailchef/trunk/admin/class-emailchef-admin.php

    r3226665 r3474342  
    7878        wp_enqueue_script( $this->plugin_name.'-admin' , plugin_dir_url( __FILE__ ) . 'js/emailchef-admin.js', array( 'jquery' ), $this->version, false );
    7979        wp_localize_script($this->plugin_name.'-admin', 'emailchefI18n', [
    80             'disconnect_account_confirm' => __('Are you sure you want to disconnect your account?', 'emailchef')
     80            'disconnect_account_confirm' => __('Are you sure you want to disconnect your account?', 'emailchef'),
     81            'nonce' => wp_create_nonce('emailchef_ajax_nonce'),
    8182        ] );
    8283    }
     
    180181    public function page_options_ajax_check_login() {
    181182
     183        check_ajax_referer('emailchef_ajax_nonce', 'nonce');
     184
     185        if ( ! current_user_can('manage_options') ) {
     186            wp_send_json_error(null, 403);
     187        }
     188
    182189        $consumer_key     = sanitize_text_field($_POST['consumer_key']);
    183190        $consumer_secret = sanitize_text_field($_POST['consumer_secret']);
     
    200207    public function page_options_ajax_disconnect() {
    201208
     209        check_ajax_referer('emailchef_ajax_nonce', 'nonce');
     210
     211        if ( ! current_user_can('manage_options') ) {
     212            wp_send_json_error(null, 403);
     213        }
     214
    202215        delete_option('emailchef_settings');
    203216        delete_option(Emailchef_Forms_Option::OPTION_NAME);
     
    213226    public function page_forms_ajax_form() {
    214227        global $wpdb; // this is how you get access to the database
     228
     229        check_ajax_referer('emailchef_ajax_nonce', 'nonce');
     230
     231        if ( ! current_user_can('manage_options') ) {
     232            wp_send_json_error(null, 403);
     233        }
    215234        include_once plugin_dir_path( __FILE__ ) . '../includes/class-emailchef-forms-option.php';
    216235        include_once plugin_dir_path( __FILE__ ) . '../includes/drivers/class-emailchef-drivers-forms.php';

  • emailchef/trunk/admin/js/emailchef-admin.js

    r3226665 r3474342  
    1010                'action': 'emailchef_check_login',
    1111                'consumer_key': email,
    12                 'consumer_secret': password
     12                'consumer_secret': password,
     13                'nonce': emailchefI18n.nonce
    1314            };
    1415
     
    2627
    2728                var data = {
    28                     'action': 'emailchef_disconnect'
     29                    'action': 'emailchef_disconnect',
     30                    'nonce': emailchefI18n.nonce
    2931                };
    3032
     
    112114                'action': 'emailchef_forms_form',
    113115                'id': $(that).data('id'),
    114                 'driver': $(that).data('driver')
     116                'driver': $(that).data('driver'),
     117                'nonce': emailchefI18n.nonce
    115118            };
    116119

  • emailchef/trunk/emailchef.php

    r3407781 r3474342  
    99 * Plugin URI:        https://emailchef.com/
    1010 * Description:       Emailchef: the easiest way to create great newsletters. Sync form submissions automatically from Elementor, Contact Form 7, FSCF, and Jetpack.
    11  * Version:           3.5.1
     11 * Version:           3.5.2
    1212 * Author:            emailchef
    1313 * Author URI:        https://www.emailchef.com
Note: See TracChangeset for help on using the changeset viewer.