
Changeset 3487270


Timestamp:
03/20/2026 02:53:07 PM (2 weeks ago)
Author:
artplacer
Message:

Refactoring vulnerability fix

Location:
artplacer-widget/trunk
Files:
3 edited

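--- a/artplacer-widget/trunk/artplacer-widget.php
+++ b/artplacer-widget/trunk/artplacer-widget.php
@@ -4,5 +4,5 @@
 Plugin URI: https://wordpress.org/plugins/artplacer-widget/
 Description: Display the ArtPlacer widget into your products or posts.
-Version: 2.23.4
+Version: 2.23.5
 Author: ArtPlacer
 Author URI: http://www.artplacer.com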
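--- a/artplacer-widget/trunk/includes/functions.php
+++ b/artplacer-widget/trunk/includes/functions.php
@@ -54,7 +54,6 @@
     $attribute_name = preg_replace('/[^a-zA-Z0-9_\-:]/', '', (string) $attribute_name);
 
-    $forbidden_attributes = ["onclick", "ondblclick", "onmousedown", "onmouseup", "onmouseover", "onmousemove", "onmouseout", "onkeydown", "onkeypress", "onkeyup", "onload", "onunload", "onbeforeunload", "onerror", "onabort", "onsubmit", "onreset", "onchange", "oninput", "onselect", "onfocus", "onblur", "onscroll", "onresize", "ondragstart", "ondrop", "ondragover", "onplay", "onpause", "onended", "onvolumechange", "onmessage", "onstorage", "onoffline", "ononline", "href", "src", "action", "formaction", "data", "poster", "background", "lowsrc", "dynsrc", "srcdoc", "style", "xlink:href", "content"];
-    if ($attribute_name === '' || in_array($attribute_name, $forbidden_attributes)) return $string;
-    
+    if ($attribute_name === '') return $string;
+
     $value = function_exists('esc_attr') ? esc_attr($value) : htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     if ($attribute_exists && $replace) {
@@ -82,8 +81,21 @@
 }
 
+function sanitizeHTML($string, $forbidden_attributes = array())
+{
+    if (empty($forbidden_attributes)) {
+        $forbidden_attributes = ["onclick", "ondblclick", "onmousedown", "onmouseup", "onmouseover", "onmousemove", "onmouseout", "onkeydown", "onkeypress", "onkeyup", "onload", "onunload", "onbeforeunload", "onerror", "onabort", "onsubmit", "onreset", "onchange", "oninput", "onselect", "onfocus", "onblur", "onscroll", "onresize", "ondragstart", "ondrop", "ondragover", "onplay", "onpause", "onended", "onvolumechange", "onmessage", "onstorage", "onoffline", "ononline", "href", "src", "action", "formaction", "data", "poster", "background", "lowsrc", "dynsrc", "srcdoc", "style", "xlink:href", "content"];
+    }
+    $forbidden_attributes = array_map('strtolower', $forbidden_attributes);
+    $string = preg_replace('/<(script|style)[^>]*>.*?<\/\\1>/si', '', $string);
+    foreach ($forbidden_attributes as $attr) {
+        $string = preg_replace('/\s+' . preg_quote($attr, '/') . '\s*=\s*(?:"[^"]*"|\'[^\']*\'|[^\s>]+)/i', '', $string);
+        $string = preg_replace('/\s+' . preg_quote($attr, '/') . '\b/i', '', $string);
+    }
+    return $string;
+}
+
 function getArtPlacerWidgetCode($code, $widget = NULL)
 {
-    if (str_contains($code, '<script')) return;
-    $script = shortcodeToHTML($code);
+    $script = sanitizeHTML(shortcodeToHTML($code));
     $product = function_exists('wc_get_product') ? wc_get_product(get_the_ID()) : NULL;
 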
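Review bot: The `<script>`/`<style>` stripping regex on new line 89 only matches when a closing tag is present, so an unclosed `<script src=…>` tag now passes through untouched because the `str_contains($code, '<script')` early return was removed from `getArtPlacerWidgetCode` in the same hunk. The attribute patterns on lines 91–92 require leading whitespace (`\s+`), so a slash-separated attribute such as `<img/onerror=…>` does not appear to be matched, and a deny list cannot cover attribute names it does not know about (e.g. SVG `<animate attributeName="href" …>`). The `\b` variant on line 92 also strips the `data` prefix from legitimate `data-*` attributes, turning ` data-id="1"` into `-id="1"`. Since the file already falls back on WordPress helpers via `function_exists`, a safer shape is an allowlist, `function_exists('wp_kses') ? wp_kses($string, $allowed_tags) : …` with `$allowed_tags` holding only the markup the widget actually needs, keeping the regex path as the non-WordPress fallback; at minimum change line 89 to `$string = preg_replace('/<(script|style)\b[^>]*>.*?(?:<\/\\1>|$)/si', '', $string);` so unclosed tags are removed too. `getArtPlacerWidgetCode`'s body continues past the hunk, and the attribute helper touched by the first hunk starts before it, so whether every caller of that helper now routes through `sanitizeHTML` cannot be confirmed from here.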
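--- a/artplacer-widget/trunk/readme.txt
+++ b/artplacer-widget/trunk/readme.txt
@@ -138,4 +138,4 @@
 = 2.23.2 =
 * Prevents remote XSS vulnerability.
-= 2.23.4 =
+= 2.23.5 =
 * Prevents unlikely XSS vulnerability.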