Accordion - Version 2.2.47

Version Description

2022-08-29 - fix - Escape issue fixed.
- 2022-08-29 - add - Added filter hook "accordions_wp_kses" for allowed html tags for escaping.

Release Info

Developer	pickplugins
Plugin	Accordion
Version	2.2.47
Comparing to
See all releases

Code changes from version 2.2.46 to 2.2.47

Files changed (7) hide show

accordions.php +2 -2
includes/class-post-meta-accordions-hook.php +11 -4
includes/class-settings-hook.php +0 -4
includes/class-settings-tabs.php +31 -29
includes/functions.php +43 -0
includes/menu/settings.php +3 -2
readme.txt +7 -1

accordions.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Plugin Name: Accordions by PickPlugins
4	Plugin URI: https://www.pickplugins.com/item/accordions-html-css3-responsive-accordion-grid-for-wordpress/?ref=dashboard
5	Description: Fully responsive and mobile ready accordion grid for wordpress.
6	- Version: 2.2.46
7	Author: PickPlugins
8	Author URI: http://pickplugins.com
9	Text Domain: accordions
	@@ -23,7 +23,7 @@ class Accordions
23
24	define('accordions_plugin_url', plugins_url('/', __FILE__));
25	define('accordions_plugin_dir', plugin_dir_path(__FILE__));
26	- define('accordions_version', '2.2.46');
27	define('accordions_plugin_name', 'Accordions');
28	define('accordions_plugin_basename', plugin_basename(__FILE__));
29


3	Plugin Name: Accordions by PickPlugins
4	Plugin URI: https://www.pickplugins.com/item/accordions-html-css3-responsive-accordion-grid-for-wordpress/?ref=dashboard
5	Description: Fully responsive and mobile ready accordion grid for wordpress.
6	+ Version: 2.2.47
7	Author: PickPlugins
8	Author URI: http://pickplugins.com
9	Text Domain: accordions

23
24	define('accordions_plugin_url', plugins_url('/', __FILE__));
25	define('accordions_plugin_dir', plugin_dir_path(__FILE__));
26	+ define('accordions_version', '2.2.47');
27	define('accordions_plugin_name', 'Accordions');
28	define('accordions_plugin_basename', plugin_basename(__FILE__));
29

includes/class-post-meta-accordions-hook.php CHANGED Viewed

	@@ -24,6 +24,10 @@ function accordions_metabox_content_shortcode($post_id){
24
25	<?php
26




27
28	ob_start();
29
	@@ -40,12 +44,12 @@ function accordions_metabox_content_shortcode($post_id){
40	</div>
41
42	<div class="copy-to-clipboard">
43	- <textarea cols="50" rows="1" style="background:#bfefff" onClick="this.select();" ><?php echo ~~'<?php echo do_shortcode~~(~~"[accordions id='; echo "'".esc_attr(~~$~~post_id~~)~~."']"~~; ~~echo '"); ?>';~~ ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
44	<p class="description"><?php echo __('PHP Code, you can use under theme .php files.','accordions'); ?></p>
45	</div>
46
47	<div class="copy-to-clipboard">
48	- <textarea cols="50" rows="1" style="background:#bfefff" onClick="this.select();" ><?php echo ~~'<?php echo do_shortcode~~(~~"[accordions_pplugins id='; echo "'".esc_attr(~~$~~post_id~~)~~."']"~~; ~~echo '"); ?>';~~ ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
49	<p class="description"><?php echo __('To avoid conflict, PHP code you can use under theme .php files.','accordions'); ?></p>
50	</div>
51
	@@ -70,6 +74,9 @@ function accordions_metabox_content_shortcode($post_id){
70
71	<?php
72



73
74	ob_start();
75
	@@ -86,12 +93,12 @@ function accordions_metabox_content_shortcode($post_id){
86	</div>
87
88	<div class="copy-to-clipboard">
89	- <textarea cols="50" rows="1" style="background:#bfefff" onClick="this.select();" ><?php echo ~~'<?php echo do_shortcode~~(~~"[accordions_tabs id='; echo "'".esc_attr(~~$~~post_id~~)~~."']"~~; ~~echo '"); ?>';~~ ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
90	<p class="description"><?php echo __('PHP Code, you can use under theme .php files.','accordions'); ?></p>
91	</div>
92
93	<div class="copy-to-clipboard">
94	- <textarea cols="50" rows="1" style="background:#bfefff" onClick="this.select();" ><?php echo ~~'<?php echo do_shortcode~~(~~"[accordions_tabs_pplugins id='; echo "'".esc_attr(~~$~~post_id~~)~~."']"~~; ~~echo '"); ?>';~~ ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
95	<p class="description"><?php echo __('To avoid conflict, PHP code you can use under theme .php files.','accordions'); ?></p>
96	</div>
97


24
25	<?php
26
27	+ $shortcode = '<?php echo do_shortcode("[accordions id="'.esc_attr($post_id).'"]"); ?>';
28	+ $shortcode2 = '<?php echo do_shortcode("[accordions_pplugins id="'.esc_attr($post_id).'"]"); ?>';
29	+
30	+ //var_dump($shortcode);
31
32	ob_start();
33

44	</div>
45
46	<div class="copy-to-clipboard">
47	+ <textarea cols="50" rows="2" style="background:#bfefff" onClick="this.select();" ><?php echo esc_textarea($shortcode); ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
48	<p class="description"><?php echo __('PHP Code, you can use under theme .php files.','accordions'); ?></p>
49	</div>
50
51	<div class="copy-to-clipboard">
52	+ <textarea cols="50" rows="2" style="background:#bfefff" onClick="this.select();" ><?php echo esc_textarea($shortcode2); ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
53	<p class="description"><?php echo __('To avoid conflict, PHP code you can use under theme .php files.','accordions'); ?></p>
54	</div>
55

74
75	<?php
76
77	+ $shortcode = '<?php echo do_shortcode("[accordions_tabs id="'.esc_attr($post_id).'"]"); ?>';
78	+ $shortcode2 = '<?php echo do_shortcode("[accordions_tabs_pplugins id="'.esc_attr($post_id).'"]"); ?>';
79	+
80
81	ob_start();
82

93	</div>
94
95	<div class="copy-to-clipboard">
96	+ <textarea cols="50" rows="2" style="background:#bfefff" onClick="this.select();" ><?php echo esc_textarea($shortcode); ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
97	<p class="description"><?php echo __('PHP Code, you can use under theme .php files.','accordions'); ?></p>
98	</div>
99
100	<div class="copy-to-clipboard">
101	+ <textarea cols="50" rows="2" style="background:#bfefff" onClick="this.select();" ><?php echo esc_textarea($shortcode); ?></textarea> <span class="copied"><?php echo __('Copied','accordions'); ?></span>
102	<p class="description"><?php echo __('To avoid conflict, PHP code you can use under theme .php files.','accordions'); ?></p>
103	</div>
104

includes/class-settings-hook.php CHANGED Viewed

	@@ -208,12 +208,8 @@ if(!function_exists('accordions_settings_content_help_support')) {
208	<p><?php echo __('Watch video tutorials.', 'accordions'); ?></p>
209	<a class="button" href="https://www.youtube.com/playlist?list=PL0QP7T2SN94ZPeQ83jOnteDDrOeDLBuFD"><i class="fab fa-youtube"></i> <?php echo __('All tutorials', 'accordions'); ?></a>
210
211	- <ul>
212	- <!-- <li><i class="far fa-dot-circle"></i> <a href="https://www.youtube.com/watch?v=4ZGMA6hOoxs">Accordions - data migration</a></li>-->
213
214
215	- </ul>
216	-
217
218
219	<?php


208	<p><?php echo __('Watch video tutorials.', 'accordions'); ?></p>
209	<a class="button" href="https://www.youtube.com/playlist?list=PL0QP7T2SN94ZPeQ83jOnteDDrOeDLBuFD"><i class="fab fa-youtube"></i> <?php echo __('All tutorials', 'accordions'); ?></a>
210


211
212


213
214
215	<?php

includes/class-settings-tabs.php CHANGED Viewed

	@@ -331,7 +331,7 @@ if (!class_exists('settings_tabs_field')) {
331
332	$input_html = ob_get_clean();
333
334	- echo sprintf($field_template, $title, $input_html, $group_details);
335	}
336
337
	@@ -401,7 +401,9 @@ if (!class_exists('settings_tabs_field')) {
401
402	$input_html = ob_get_clean();
403
404	- echo sprintf($field_template, $title, $input_html, $group_details);


405	}
406
407
	@@ -494,7 +496,7 @@ if (!class_exists('settings_tabs_field')) {
494
495	$input_html = ob_get_clean();
496
497	- echo sprintf($field_template, $title, $input_html, $details);
498	}
499
500
	@@ -577,7 +579,7 @@ if (!class_exists('settings_tabs_field')) {
577
578	$input_html = ob_get_clean();
579
580	- echo sprintf($field_template, $title, $input_html, $details);
581	}
582
583
	@@ -615,7 +617,7 @@ if (!class_exists('settings_tabs_field')) {
615	?>
616	<div class="item-wrap collapsible">
617	<div class="header">
618	- <span class="remove" onclick="jQuery(this).parent().parent().remove()"><?php echo ~~esc_html~~($remove_text); ?></span>
619	<?php
620	if ($sortable) :
621	?>
	@@ -684,7 +686,7 @@ if (!class_exists('settings_tabs_field')) {
684	<?php if ($collapsible) : ?>
685	<div class="header">
686	<?php endif; ?>
687	- <span class="remove" onclick="jQuery(this).parent().parent().remove()"><?php echo ~~esc_html~~($remove_text); ?></span>
688	<?php if ($sortable) : ?>
689	<span class="sort"><i class="fas fa-arrows-alt"></i></span>
690	<?php endif; ?>
	@@ -743,7 +745,8 @@ if (!class_exists('settings_tabs_field')) {
743
744	$input_html = ob_get_clean();
745
746	- echo sprintf($field_template, $title, $input_html, $details);

747	}
748
749
	@@ -823,7 +826,7 @@ if (!class_exists('settings_tabs_field')) {
823
824	$input_html = ob_get_clean();
825
826	- echo sprintf($field_template, $title, $input_html, $details);
827	}
828
829	public function field_select2($option)
	@@ -890,7 +893,7 @@ if (!class_exists('settings_tabs_field')) {
890
891	$input_html = ob_get_clean();
892
893	- echo sprintf($field_template, $title, $input_html, $details);
894	}
895
896
	@@ -991,7 +994,7 @@ if (!class_exists('settings_tabs_field')) {
991
992	$input_html = ob_get_clean();
993
994	- echo sprintf($field_template, $title, $input_html, $details);
995	}
996
997	public function field_hidden($option)
	@@ -1027,7 +1030,7 @@ if (!class_exists('settings_tabs_field')) {
1027
1028	$input_html = ob_get_clean();
1029
1030	- echo sprintf($field_template, $title, $input_html, $details);
1031	}
1032
1033
	@@ -1064,7 +1067,7 @@ if (!class_exists('settings_tabs_field')) {
1064
1065	$input_html = ob_get_clean();
1066
1067	- echo sprintf($field_template, $title, $input_html, $details);
1068	}
1069
1070
	@@ -1116,7 +1119,7 @@ if (!class_exists('settings_tabs_field')) {
1116
1117	$input_html = ob_get_clean();
1118
1119	- echo sprintf($field_template, $title, $input_html, $details);
1120	}
1121
1122
	@@ -1151,7 +1154,7 @@ if (!class_exists('settings_tabs_field')) {
1151	ob_start();
1152	?>
1153	<div class="text-icon">
1154	- <span class="icon"><?php echo ~~esc_html~~($option_value); ?></span><input type="text" class="" name="<?php echo esc_attr($field_name); ?>" id="<?php echo esc_attr($css_id); ?>" placeholder="<?php echo esc_attr($placeholder); ?>" value="<?php echo esc_attr($option_value); ?>" />
1155	</div>
1156	<style type="text/css">
1157	.text-icon {}
	@@ -1170,7 +1173,6 @@ if (!class_exists('settings_tabs_field')) {
1170	</style>
1171	<script>
1172	(function($) {
1173	-
1174	$(document).ready(function() {
1175
1176	$(document).on("keyup", ".text-icon input", function() {
	@@ -1186,7 +1188,7 @@ if (!class_exists('settings_tabs_field')) {
1186
1187	$input_html = ob_get_clean();
1188
1189	- echo sprintf($field_template, $title, $input_html, $details);
1190	}
1191
1192
	@@ -1252,7 +1254,7 @@ if (!class_exists('settings_tabs_field')) {
1252	<?php
1253
1254	$input_html = ob_get_clean();
1255	- echo sprintf($field_template, $title, $input_html, $details);
1256	}
1257
1258
	@@ -1289,7 +1291,7 @@ if (!class_exists('settings_tabs_field')) {
1289
1290	$input_html = ob_get_clean();
1291
1292	- echo sprintf($field_template, $title, $input_html, $details);
1293	}
1294
1295
	@@ -1321,12 +1323,12 @@ if (!class_exists('settings_tabs_field')) {
1321
1322	ob_start();
1323	?>
1324	- <textarea editor_enabled="no" class="textarea-editor" name="<?php echo esc_attr($field_name); ?>" id="<?php echo esc_attr($css_id); ?>" cols="40" rows="5" placeholder="<?php echo esc_attr($placeholder); ?>"><?php echo $value; ?></textarea>
1325	<?php
1326
1327	$input_html = ob_get_clean();
1328
1329	- echo sprintf($field_template, $title, $input_html, $details);
1330	}
1331
1332
	@@ -1371,7 +1373,7 @@ if (!class_exists('settings_tabs_field')) {
1371
1372	$input_html = ob_get_clean();
1373
1374	- echo sprintf($field_template, $title, $input_html, $details);
1375	}
1376
1377
	@@ -1404,7 +1406,7 @@ if (!class_exists('settings_tabs_field')) {
1404
1405	ob_start();
1406	?>
1407	- <textarea name="<?php echo esc_attr($field_name); ?>" id="<?php echo esc_attr($css_id); ?>" cols="40" rows="5" placeholder="<?php echo esc_attr($placeholder); ?>"><?php echo ~~esc_attr~~($value); ?></textarea>
1408	<script>
1409	(function($) {
1410
	@@ -1420,7 +1422,7 @@ if (!class_exists('settings_tabs_field')) {
1420
1421	$input_html = ob_get_clean();
1422
1423	- echo sprintf($field_template, $title, $input_html, $details);
1424	}
1425
1426
	@@ -1527,7 +1529,7 @@ if (!class_exists('settings_tabs_field')) {
1527
1528	$input_html = ob_get_clean();
1529
1530	- echo sprintf($field_template, $title, $input_html, $details);
1531	}
1532
1533
	@@ -1672,7 +1674,7 @@ if (!class_exists('settings_tabs_field')) {
1672
1673	$input_html = ob_get_clean();
1674
1675	- echo sprintf($field_template, $title, $input_html, $details);
1676	}
1677
1678	public function field_datepicker($option)
	@@ -1718,7 +1720,7 @@ if (!class_exists('settings_tabs_field')) {
1718
1719	$input_html = ob_get_clean();
1720
1721	- echo sprintf($field_template, $title, $input_html, $details);
1722	}
1723
1724
	@@ -1751,7 +1753,7 @@ if (!class_exists('settings_tabs_field')) {
1751
1752	$input_html = ob_get_clean();
1753
1754	- echo sprintf($field_template, $title, $input_html, $details);
1755	}
1756
1757
	@@ -1811,7 +1813,7 @@ if (!class_exists('settings_tabs_field')) {
1811
1812	$input_html = ob_get_clean();
1813
1814	- echo sprintf($field_template, $title, $input_html, $details);
1815	}
1816
1817
	@@ -1832,7 +1834,7 @@ if (!class_exists('settings_tabs_field')) {
1832	$details = isset($option['details']) ? $option['details'] : "";
1833
1834
1835	- echo sprintf($field_template, $title, $html, $details);
1836	}
1837	}
1838	}


331
332	$input_html = ob_get_clean();
333
334	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $group_details));
335	}
336
337

401
402	$input_html = ob_get_clean();
403
404	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $group_details));
405	+
406	+
407	}
408
409

496
497	$input_html = ob_get_clean();
498
499	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
500	}
501
502

579
580	$input_html = ob_get_clean();
581
582	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
583	}
584
585

617	?>
618	<div class="item-wrap collapsible">
619	<div class="header">
620	+ <span class="remove" onclick="jQuery(this).parent().parent().remove()"><?php echo accordions_wp_kses($remove_text); ?></span>
621	<?php
622	if ($sortable) :
623	?>

686	<?php if ($collapsible) : ?>
687	<div class="header">
688	<?php endif; ?>
689	+ <span class="remove" onclick="jQuery(this).parent().parent().remove()"><?php echo accordions_wp_kses($remove_text); ?></span>
690	<?php if ($sortable) : ?>
691	<span class="sort"><i class="fas fa-arrows-alt"></i></span>
692	<?php endif; ?>

745
746	$input_html = ob_get_clean();
747
748	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
749	+
750	}
751
752

826
827	$input_html = ob_get_clean();
828
829	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
830	}
831
832	public function field_select2($option)

893
894	$input_html = ob_get_clean();
895
896	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
897	}
898
899

994
995	$input_html = ob_get_clean();
996
997	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
998	}
999
1000	public function field_hidden($option)

1030
1031	$input_html = ob_get_clean();
1032
1033	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1034	}
1035
1036

1067
1068	$input_html = ob_get_clean();
1069
1070	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1071	}
1072
1073

1119
1120	$input_html = ob_get_clean();
1121
1122	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1123	}
1124
1125

1154	ob_start();
1155	?>
1156	<div class="text-icon">
1157	+ <span class="icon"><?php echo accordions_wp_kses($option_value); ?></span><input type="text" class="" name="<?php echo esc_attr($field_name); ?>" id="<?php echo esc_attr($css_id); ?>" placeholder="<?php echo esc_attr($placeholder); ?>" value="<?php echo esc_attr($option_value); ?>" />
1158	</div>
1159	<style type="text/css">
1160	.text-icon {}

1173	</style>
1174	<script>
1175	(function($) {

1176	$(document).ready(function() {
1177
1178	$(document).on("keyup", ".text-icon input", function() {

1188
1189	$input_html = ob_get_clean();
1190
1191	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1192	}
1193
1194

1254	<?php
1255
1256	$input_html = ob_get_clean();
1257	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1258	}
1259
1260

1291
1292	$input_html = ob_get_clean();
1293
1294	+ echo wp_kses_post(sprintf($field_template, $title, $input_html, $details));
1295	}
1296
1297

1323
1324	ob_start();
1325	?>
1326	+ <textarea editor_enabled="no" class="textarea-editor" name="<?php echo esc_attr($field_name); ?>" id="<?php echo esc_attr($css_id); ?>" cols="40" rows="5" placeholder="<?php echo esc_attr($placeholder); ?>"><?php echo ($value); ?></textarea>
1327	<?php
1328
1329	$input_html = ob_get_clean();
1330
1331	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1332	}
1333
1334

1373
1374	$input_html = ob_get_clean();
1375
1376	+ echo (sprintf($field_template, $title, $input_html, $details));
1377	}
1378
1379

1406
1407	ob_start();
1408	?>
1409	+ <textarea name="<?php echo esc_attr($field_name); ?>" id="<?php echo esc_attr($css_id); ?>" cols="40" rows="5" placeholder="<?php echo esc_attr($placeholder); ?>"><?php echo esc_textarea($value); ?></textarea>
1410	<script>
1411	(function($) {
1412

1422
1423	$input_html = ob_get_clean();
1424
1425	+ echo (sprintf($field_template, $title, $input_html, $details));
1426	}
1427
1428

1529
1530	$input_html = ob_get_clean();
1531
1532	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1533	}
1534
1535

1674
1675	$input_html = ob_get_clean();
1676
1677	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1678	}
1679
1680	public function field_datepicker($option)

1720
1721	$input_html = ob_get_clean();
1722
1723	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1724	}
1725
1726

1753
1754	$input_html = ob_get_clean();
1755
1756	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1757	}
1758
1759

1813
1814	$input_html = ob_get_clean();
1815
1816	+ echo accordions_wp_kses(sprintf($field_template, $title, $input_html, $details));
1817	}
1818
1819

1834	$details = isset($option['details']) ? $option['details'] : "";
1835
1836
1837	+ echo accordions_wp_kses(sprintf($field_template, $title, $html, $details));
1838	}
1839	}
1840	}

includes/functions.php CHANGED Viewed

@@ -612,3 +612,46 @@ function accordions_recursive_sanitize_arr($array)
                 return $array;
+            }


612
613	return $array;
614	}
615	+
616	+ function accordions_wp_kses($str)
617	+ {
618	+
619	+ $arr = array(
620	+
621	+ 'div' => array('id'=>array(), 'class'=>array(), 'add_html'=>array(), 'style'=>array(), 'hidefocus'=>array(), 'tabindex'=>array(), 'role'=>array(),'aria-label'=>array(), 'aria-haspopup'=>array(), 'aria-labelledby'=>array(), ),
622	+ 'span' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
623	+ 'i' => array('id'=>array(), 'class'=>array()),
624	+ 'strong' => array('id'=>array(), 'class'=>array()),
625	+ 'em' => array('id'=>array(), 'class'=>array()),
626	+
627	+ 'p' => array('id'=>array(), 'class'=>array()),
628	+ 'a' => array('id'=>array(), 'class'=>array(),'href'=>array()),
629	+ 'label' => array('id'=>array(), 'class'=>array(),),
630	+ 'code' => array('id'=>array(), 'class'=>array(),),
631	+ 'script' => array('id'=>array(), 'class'=>array(),),
632	+ 'style' => array('type'=>array(), ),
633	+ 'ul' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
634	+ 'li' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
635	+ 'table' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
636	+ 'thead' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
637	+ 'tr' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
638	+ 'th' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
639	+ 'tbody' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
640	+ 'td' => array('id'=>array(), 'class'=>array(),'tabindex'=>array(), ),
641	+
642	+
643	+ 'input' => array('id'=>array(), 'class'=>array(), 'colorpicker'=>array(),'type'=>array(), 'checked'=>array(), 'name'=>array(), 'placeholder'=>array(), 'value'=>array() ),
644	+ 'button' => array('id'=>array(), 'class'=>array(),'type'=>array(), 'name'=>array(), 'placeholder'=>array(), 'value'=>array(),'role'=>array(), 'aria-expanded'=>array(), 'data-wp-editor-id'=>array(), ),
645	+
646	+ 'textarea' => array('id'=>array(), 'name'=>array(), 'class'=>array(), 'editor_enabled'=>array(), 'cols'=>array() , 'rows'=>array(), 'placeholder'=>array(), 'value'=>array(), 'aria-hidden'=>array(), 'style'=>array() , 'onclick'=>array() ),
647	+ 'select' => array('id'=>array(), 'class'=>array(), 'option' =>array('value'=>array(), 'selected'=>array()), 'name'=>array()) ,
648	+ 'option' => array('value'=>array(), 'selected'=>array())
649	+
650	+
651	+ );
652	+
653	+ $arr = apply_filters('accordions_wp_kses', $arr);
654	+
655	+
656	+ return wp_kses( $str, $arr );
657	+ }

includes/menu/settings.php CHANGED Viewed

	@@ -42,7 +42,7 @@ if(!empty($accordions_settings_tab))
42	foreach ($accordions_settings_tab as $page_key => $tab) $tabs_sorted[$page_key] = isset( $tab['priority'] ) ? $tab['priority'] : 0;
43	array_multisort($tabs_sorted, SORT_ASC, $accordions_settings_tab);
44
45	-
46
47	$accordions_settings = get_option('accordions_settings');
48
	@@ -94,7 +94,8 @@ $accordions_settings = get_option('accordions_settings');
94	$pro_text = isset($tab['pro_text']) ? $tab['pro_text'] : '';
95	?>
96	<li <?php if(!empty($data_visible)): ?> data_visible="<?php echo esc_attr($data_visible); ?>" <?php endif; ?> class="tab-nav <?php if($hidden) echo 'hidden';?> <?php if($active) echo 'active';?>" data-id="<?php echo esc_attr($id); ?>">
97	- <?php echo ~~esc_html~~($title); ?>

98	<?php
99	if($is_pro):
100	?><span class="pro-feature"><?php echo esc_html($pro_text); ?></span> <?php


42	foreach ($accordions_settings_tab as $page_key => $tab) $tabs_sorted[$page_key] = isset( $tab['priority'] ) ? $tab['priority'] : 0;
43	array_multisort($tabs_sorted, SORT_ASC, $accordions_settings_tab);
44
45	+ $iconhtml = '<i class="fas fa-store"></i>';
46
47	$accordions_settings = get_option('accordions_settings');
48

94	$pro_text = isset($tab['pro_text']) ? $tab['pro_text'] : '';
95	?>
96	<li <?php if(!empty($data_visible)): ?> data_visible="<?php echo esc_attr($data_visible); ?>" <?php endif; ?> class="tab-nav <?php if($hidden) echo 'hidden';?> <?php if($active) echo 'active';?>" data-id="<?php echo esc_attr($id); ?>">
97	+ <?php echo wp_kses_post($title); ?>
98	+
99	<?php
100	if($is_pro):
101	?><span class="pro-feature"><?php echo esc_html($pro_text); ?></span> <?php

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@
4	Tags: accordion, tabs, FAQ, WooCommerce FAQ Tab, accordion short-code, accordions widget, tab
5	Requires at least: 3.8
6	Tested up to: 6.0
7	- Stable tag: 2.2.46
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
	@@ -139,6 +139,12 @@ then paste this shortcode anywhere in your page to display accordions<br />
139
140	== Changelog ==
141






142	= 2.2.46 =
143	* 2022-08-25 - fix - Broken HTML issue fixed.
144


4	Tags: accordion, tabs, FAQ, WooCommerce FAQ Tab, accordion short-code, accordions widget, tab
5	Requires at least: 3.8
6	Tested up to: 6.0
7	+ Stable tag: 2.2.47
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10

139
140	== Changelog ==
141
142	+ = 2.2.47 =
143	+ * 2022-08-29 - fix - Escape issue fixed.
144	+ * 2022-08-29 - add - Added filter hook "accordions_wp_kses" for allowed html tags for escaping.
145	+
146	+
147	+
148	= 2.2.46 =
149	* 2022-08-25 - fix - Broken HTML issue fixed.
150