Version Description
- 2021-04-13 - fix - security issue fixed
Download this release
Release Info
| Developer | pickplugins |
| Plugin |  Accordion |
| Version | 2.2.28 |
| Comparing to | |
| See all releases | |
Code changes from version 2.2.27 to 2.2.28
- accordions.php +2 -2
- includes/class-admin-notices.php +1 -1
- includes/class-post-meta-accordions.php +1 -1
- includes/class-post-meta-product.php +1 -1
- includes/class-settings-hook.php +3 -3
- includes/functions-wc.php +1 -1
- includes/functions.php +1 -1
- includes/menu/settings.php +1 -1
- readme.txt +4 -1
accordions.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: Accordions by PickPlugins
|
| 4 |
Plugin URI: https://www.pickplugins.com/item/accordions-html-css3-responsive-accordion-grid-for-wordpress/?ref=dashboard
|
| 5 |
Description: Fully responsive and mobile ready accordion grid for wordpress.
|
| 6 |
-
Version: 2.2.
|
| 7 |
Author: PickPlugins
|
| 8 |
Author URI: http://pickplugins.com
|
| 9 |
Text Domain: accordions
|
|
@@ -21,7 +21,7 @@ class Accordions{
|
|
| 21 |
|
| 22 |
define('accordions_plugin_url', plugins_url('/', __FILE__) );
|
| 23 |
define('accordions_plugin_dir', plugin_dir_path( __FILE__ ) );
|
| 24 |
-
define('accordions_version', '2.2.
|
| 25 |
define('accordions_plugin_name', 'Accordions' );
|
| 26 |
define('accordions_plugin_basename', plugin_basename( __FILE__ ) );
|
| 27 |
|
| 3 |
Plugin Name: Accordions by PickPlugins
|
| 4 |
Plugin URI: https://www.pickplugins.com/item/accordions-html-css3-responsive-accordion-grid-for-wordpress/?ref=dashboard
|
| 5 |
Description: Fully responsive and mobile ready accordion grid for wordpress.
|
| 6 |
+
Version: 2.2.28
|
| 7 |
Author: PickPlugins
|
| 8 |
Author URI: http://pickplugins.com
|
| 9 |
Text Domain: accordions
|
| 21 |
|
| 22 |
define('accordions_plugin_url', plugins_url('/', __FILE__) );
|
| 23 |
define('accordions_plugin_dir', plugin_dir_path( __FILE__ ) );
|
| 24 |
+
define('accordions_version', '2.2.28' );
|
| 25 |
define('accordions_plugin_name', 'Accordions' );
|
| 26 |
define('accordions_plugin_basename', plugin_basename( __FILE__ ) );
|
| 27 |
|
includes/class-admin-notices.php
CHANGED
|
@@ -18,7 +18,7 @@ class class_accordions_notices{
|
|
| 18 |
$actionurl = admin_url().'edit.php?post_type=accordions&page=upgrade_status';
|
| 19 |
$actionurl = wp_nonce_url( $actionurl, 'accordions_upgrade' );
|
| 20 |
|
| 21 |
-
$nonce = isset($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : '';
|
| 22 |
|
| 23 |
if ( wp_verify_nonce( $nonce, 'accordions_upgrade' ) ){
|
| 24 |
$accordions_plugin_info['accordions_upgrade'] = 'processing';
|
| 18 |
$actionurl = admin_url().'edit.php?post_type=accordions&page=upgrade_status';
|
| 19 |
$actionurl = wp_nonce_url( $actionurl, 'accordions_upgrade' );
|
| 20 |
|
| 21 |
+
$nonce = isset($_REQUEST['_wpnonce']) ? sanitize_text_field($_REQUEST['_wpnonce']) : '';
|
| 22 |
|
| 23 |
if ( wp_verify_nonce( $nonce, 'accordions_upgrade' ) ){
|
| 24 |
$accordions_plugin_info['accordions_upgrade'] = 'processing';
|
includes/class-post-meta-accordions.php
CHANGED
|
@@ -238,7 +238,7 @@ class class_accordions_post_meta{
|
|
| 238 |
if (!isset($_POST['accordions_nonce_check_value']))
|
| 239 |
return $post_id;
|
| 240 |
|
| 241 |
-
$nonce = $_POST['accordions_nonce_check_value'];
|
| 242 |
|
| 243 |
// Verify that the nonce is valid.
|
| 244 |
if (!wp_verify_nonce($nonce, 'accordions_nonce_check'))
|
| 238 |
if (!isset($_POST['accordions_nonce_check_value']))
|
| 239 |
return $post_id;
|
| 240 |
|
| 241 |
+
$nonce = sanitize_text_field($_POST['accordions_nonce_check_value']);
|
| 242 |
|
| 243 |
// Verify that the nonce is valid.
|
| 244 |
if (!wp_verify_nonce($nonce, 'accordions_nonce_check'))
|
includes/class-post-meta-product.php
CHANGED
|
@@ -123,7 +123,7 @@ class class_accordions_post_meta_product{
|
|
| 123 |
if ( ! isset( $_POST['meta_boxes_accordions_wc_input_nonce'] ) )
|
| 124 |
return $post_id;
|
| 125 |
|
| 126 |
-
$nonce = $_POST['meta_boxes_accordions_wc_input_nonce'];
|
| 127 |
|
| 128 |
// Verify that the nonce is valid.
|
| 129 |
if ( ! wp_verify_nonce( $nonce, 'meta_boxes_accordions_wc_input' ) )
|
| 123 |
if ( ! isset( $_POST['meta_boxes_accordions_wc_input_nonce'] ) )
|
| 124 |
return $post_id;
|
| 125 |
|
| 126 |
+
$nonce = sanitize_text_field($_POST['meta_boxes_accordions_wc_input_nonce']);
|
| 127 |
|
| 128 |
// Verify that the nonce is valid.
|
| 129 |
if ( ! wp_verify_nonce( $nonce, 'meta_boxes_accordions_wc_input' ) )
|
includes/class-settings-hook.php
CHANGED
|
@@ -269,7 +269,7 @@ if(!function_exists('accordions_settings_content_help_support')) {
|
|
| 269 |
$actionurl = admin_url().'edit.php?post_type=accordions&page=settings&tab=help_support';
|
| 270 |
$actionurl = wp_nonce_url( $actionurl, 'accordions_reset_migration' );
|
| 271 |
|
| 272 |
-
$nonce = isset($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : '';
|
| 273 |
|
| 274 |
if ( wp_verify_nonce( $nonce, 'accordions_reset_migration' ) ){
|
| 275 |
|
|
@@ -424,11 +424,11 @@ if(!function_exists('accordions_settings_content_3rd_party_import')) {
|
|
| 424 |
$actionurl = admin_url().'edit.php?post_type=accordions&page=settings&tab=3rd_party_import';
|
| 425 |
$actionurl = wp_nonce_url( $actionurl, '3rd_party_import' );
|
| 426 |
|
| 427 |
-
$nonce = isset($_REQUEST['_wpnonce']) ? $_REQUEST['_wpnonce'] : '';
|
| 428 |
|
| 429 |
if ( wp_verify_nonce( $nonce, '3rd_party_import' ) ){
|
| 430 |
|
| 431 |
-
$source = isset($_REQUEST['source']) ? $_REQUEST['source'] : '';
|
| 432 |
|
| 433 |
$accordions_plugin_info['3rd_party_import'] = 'processing';
|
| 434 |
update_option('accordions_plugin_info', $accordions_plugin_info);
|
| 269 |
$actionurl = admin_url().'edit.php?post_type=accordions&page=settings&tab=help_support';
|
| 270 |
$actionurl = wp_nonce_url( $actionurl, 'accordions_reset_migration' );
|
| 271 |
|
| 272 |
+
$nonce = isset($_REQUEST['_wpnonce']) ? sanitize_text_field($_REQUEST['_wpnonce']) : '';
|
| 273 |
|
| 274 |
if ( wp_verify_nonce( $nonce, 'accordions_reset_migration' ) ){
|
| 275 |
|
| 424 |
$actionurl = admin_url().'edit.php?post_type=accordions&page=settings&tab=3rd_party_import';
|
| 425 |
$actionurl = wp_nonce_url( $actionurl, '3rd_party_import' );
|
| 426 |
|
| 427 |
+
$nonce = isset($_REQUEST['_wpnonce']) ? sanitize_text_field($_REQUEST['_wpnonce']) : '';
|
| 428 |
|
| 429 |
if ( wp_verify_nonce( $nonce, '3rd_party_import' ) ){
|
| 430 |
|
| 431 |
+
$source = isset($_REQUEST['source']) ? sanitize_text_field($_REQUEST['source']) : '';
|
| 432 |
|
| 433 |
$accordions_plugin_info['3rd_party_import'] = 'processing';
|
| 434 |
update_option('accordions_plugin_info', $accordions_plugin_info);
|
includes/functions-wc.php
CHANGED
|
@@ -52,7 +52,7 @@ function accordions_ajax_wc_get_accordions(){
|
|
| 52 |
if(current_user_can( 'manage_options' )) {
|
| 53 |
// you can use WP_Query, query_posts() or get_posts() here - it doesn't matter
|
| 54 |
$search_results = new WP_Query(array(
|
| 55 |
-
's' => $_GET['q'], // the search query
|
| 56 |
'post_type' => 'accordions',
|
| 57 |
'post_status' => 'publish', // if you don't want drafts to be returned
|
| 58 |
'ignore_sticky_posts' => 1,
|
| 52 |
if(current_user_can( 'manage_options' )) {
|
| 53 |
// you can use WP_Query, query_posts() or get_posts() here - it doesn't matter
|
| 54 |
$search_results = new WP_Query(array(
|
| 55 |
+
's' => sanitize_text_field($_GET['q']), // the search query
|
| 56 |
'post_type' => 'accordions',
|
| 57 |
'post_status' => 'publish', // if you don't want drafts to be returned
|
| 58 |
'ignore_sticky_posts' => 1,
|
includes/functions.php
CHANGED
|
@@ -456,7 +456,7 @@ function accordions_ajax_import_json(){
|
|
| 456 |
|
| 457 |
if(current_user_can( 'manage_options' )){
|
| 458 |
|
| 459 |
-
$json_file = isset($_POST['json_file']) ? $_POST['json_file'] : '';
|
| 460 |
$string = file_get_contents($json_file);
|
| 461 |
$json_a = json_decode($string,true);
|
| 462 |
|
| 456 |
|
| 457 |
if(current_user_can( 'manage_options' )){
|
| 458 |
|
| 459 |
+
$json_file = isset($_POST['json_file']) ? esc_url_raw($_POST['json_file']) : '';
|
| 460 |
$string = file_get_contents($json_file);
|
| 461 |
$json_a = json_decode($string,true);
|
| 462 |
|
includes/menu/settings.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
if ( ! defined('ABSPATH')) exit; // if direct access
|
| 3 |
|
| 4 |
|
| 5 |
-
$current_tab = isset($_REQUEST['tab']) ? $_REQUEST['tab'] : 'general';
|
| 6 |
|
| 7 |
$accordions_settings_tab = array();
|
| 8 |
|
| 2 |
if ( ! defined('ABSPATH')) exit; // if direct access
|
| 3 |
|
| 4 |
|
| 5 |
+
$current_tab = isset($_REQUEST['tab']) ? sanitize_text_field($_REQUEST['tab']) : 'general';
|
| 6 |
|
| 7 |
$accordions_settings_tab = array();
|
| 8 |
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
Tags: accordion, tabs, FAQ, WooCommerce FAQ Tab, accordion short-code, accordions widget, tab
|
| 5 |
Requires at least: 3.8
|
| 6 |
Tested up to: 5.7
|
| 7 |
-
Stable tag: 2.2.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -139,6 +139,9 @@ then paste this shortcode anywhere in your page to display accordions<br />
|
|
| 139 |
|
| 140 |
== Changelog ==
|
| 141 |
|
|
|
|
|
|
|
|
|
|
| 142 |
= 2.2.27 =
|
| 143 |
* 2020-10-14 - fix - security issue fixed
|
| 144 |
|
| 4 |
Tags: accordion, tabs, FAQ, WooCommerce FAQ Tab, accordion short-code, accordions widget, tab
|
| 5 |
Requires at least: 3.8
|
| 6 |
Tested up to: 5.7
|
| 7 |
+
Stable tag: 2.2.28
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 139 |
|
| 140 |
== Changelog ==
|
| 141 |
|
| 142 |
+
= 2.2.28 =
|
| 143 |
+
* 2021-04-13 - fix - security issue fixed
|
| 144 |
+
|
| 145 |
= 2.2.27 =
|
| 146 |
* 2020-10-14 - fix - security issue fixed
|
| 147 |
|
