Version Description
- fix authenticated (i.e. logged-in) DOM-based XSS vulnerability while creating jQuery object from user input in Safari and IE
Download this release
Release Info
| Developer | advancedads |
| Plugin |  Advanced Ads |
| Version | 1.24.2 |
| Comparing to | |
| See all releases | |
Code changes from version 1.24.1 to 1.24.2
- admin/assets/js/admin.js +16 -3
- advanced-ads.php +2 -2
- languages/advanced-ads.pot +6 -2
- readme.txt +5 -1
admin/assets/js/admin.js
CHANGED
|
@@ -175,10 +175,23 @@ jQuery( document ).ready( function ( $ ) {
|
|
| 175 |
* also highlight the box with an effect for a short time.
|
| 176 |
* Use attribute selector to avoid the need to escape the selector.
|
| 177 |
*/
|
| 178 |
-
|
| 179 |
-
|
| 180 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 181 |
|
|
|
|
|
|
|
|
|
|
| 182 |
}
|
| 183 |
|
| 184 |
// group page: add ad to group
|
| 175 |
* also highlight the box with an effect for a short time.
|
| 176 |
* Use attribute selector to avoid the need to escape the selector.
|
| 177 |
*/
|
| 178 |
+
function sanitize( string ) {
|
| 179 |
+
var map = {
|
| 180 |
+
'&': '&',
|
| 181 |
+
'<': '<',
|
| 182 |
+
'>': '>',
|
| 183 |
+
'"': '"',
|
| 184 |
+
'\'': ''',
|
| 185 |
+
'/': '/'
|
| 186 |
+
};
|
| 187 |
+
return string.replace( /[&<>"'/]/ig, function ( match ) {
|
| 188 |
+
return map[match];
|
| 189 |
+
} );
|
| 190 |
+
}
|
| 191 |
|
| 192 |
+
var single_placement_slug = '#' + sanitize( window.location.hash.substr( 1 ) );
|
| 193 |
+
if ( jQuery( single_placement_slug ).length ) {
|
| 194 |
+
jQuery( single_placement_slug ).find( '.advads-toggle-link + div, .advads-usage' ).show();
|
| 195 |
}
|
| 196 |
|
| 197 |
// group page: add ad to group
|
advanced-ads.php
CHANGED
|
@@ -12,7 +12,7 @@
|
|
| 12 |
* Plugin Name: Advanced Ads
|
| 13 |
* Plugin URI: https://wpadvancedads.com
|
| 14 |
* Description: Manage and optimize your ads in WordPress
|
| 15 |
-
* Version: 1.24.
|
| 16 |
* Author: Thomas Maier, Advanced Ads GmbH
|
| 17 |
* Author URI: https://wpadvancedads.com
|
| 18 |
* Text Domain: advanced-ads
|
|
@@ -39,7 +39,7 @@ define( 'ADVADS_BASE_DIR', dirname( ADVADS_BASE ) ); // directory of the plugin
|
|
| 39 |
// general and global slug, e.g. to store options in WP.
|
| 40 |
define( 'ADVADS_SLUG', 'advanced-ads' );
|
| 41 |
define( 'ADVADS_URL', 'https://wpadvancedads.com/' );
|
| 42 |
-
define( 'ADVADS_VERSION', '1.24.
|
| 43 |
|
| 44 |
// Autoloading, modules and functions.
|
| 45 |
|
| 12 |
* Plugin Name: Advanced Ads
|
| 13 |
* Plugin URI: https://wpadvancedads.com
|
| 14 |
* Description: Manage and optimize your ads in WordPress
|
| 15 |
+
* Version: 1.24.2
|
| 16 |
* Author: Thomas Maier, Advanced Ads GmbH
|
| 17 |
* Author URI: https://wpadvancedads.com
|
| 18 |
* Text Domain: advanced-ads
|
| 39 |
// general and global slug, e.g. to store options in WP.
|
| 40 |
define( 'ADVADS_SLUG', 'advanced-ads' );
|
| 41 |
define( 'ADVADS_URL', 'https://wpadvancedads.com/' );
|
| 42 |
+
define( 'ADVADS_VERSION', '1.24.2' );
|
| 43 |
|
| 44 |
// Autoloading, modules and functions.
|
| 45 |
|
languages/advanced-ads.pot
CHANGED
|
@@ -2,14 +2,14 @@
|
|
| 2 |
# This file is distributed under the same license as the Advanced Ads plugin.
|
| 3 |
msgid ""
|
| 4 |
msgstr ""
|
| 5 |
-
"Project-Id-Version: Advanced Ads 1.24.
|
| 6 |
"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/advanced-ads/\n"
|
| 7 |
"Last-Translator: Thomas Maier <post@webzunft.de>\n"
|
| 8 |
"Language-Team: webgilde <support@wpadvancedads.com>\n"
|
| 9 |
"MIME-Version: 1.0\n"
|
| 10 |
"Content-Type: text/plain; charset=UTF-8\n"
|
| 11 |
"Content-Transfer-Encoding: 8bit\n"
|
| 12 |
-
"POT-Creation-Date: 2021-
|
| 13 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
| 14 |
"X-Generator: WP-CLI 2.4.0\n"
|
| 15 |
"X-Domain: advanced-ads\n"
|
|
@@ -219,6 +219,7 @@ msgstr ""
|
|
| 219 |
msgid "%s detected."
|
| 220 |
msgstr ""
|
| 221 |
|
|
|
|
| 222 |
#: admin/includes/ad-health-notices.php:253
|
| 223 |
msgid "Learn how this might impact your ad setup."
|
| 224 |
msgstr ""
|
|
@@ -1799,6 +1800,7 @@ msgstr ""
|
|
| 1799 |
msgid "Adjust the placement options"
|
| 1800 |
msgstr ""
|
| 1801 |
|
|
|
|
| 1802 |
#: admin/views/placement-injection-top.php:21
|
| 1803 |
msgid "Ad not showing up? Take a look <a href=\"%s\" target=\"_blank\">here</a>"
|
| 1804 |
msgstr ""
|
|
@@ -1892,10 +1894,12 @@ msgstr ""
|
|
| 1892 |
msgid "Existing placement"
|
| 1893 |
msgstr ""
|
| 1894 |
|
|
|
|
| 1895 |
#: admin/views/placement-injection-top.php:168
|
| 1896 |
msgid "Or use the shortcode %s to insert the ad into the content manually."
|
| 1897 |
msgstr ""
|
| 1898 |
|
|
|
|
| 1899 |
#: admin/views/placement-injection-top.php:176
|
| 1900 |
msgid "Learn more about your choices to display an ad in the <a href=\"%s\" target=\"_blank\">manual</a>."
|
| 1901 |
msgstr ""
|
| 2 |
# This file is distributed under the same license as the Advanced Ads plugin.
|
| 3 |
msgid ""
|
| 4 |
msgstr ""
|
| 5 |
+
"Project-Id-Version: Advanced Ads 1.24.2\n"
|
| 6 |
"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/advanced-ads/\n"
|
| 7 |
"Last-Translator: Thomas Maier <post@webzunft.de>\n"
|
| 8 |
"Language-Team: webgilde <support@wpadvancedads.com>\n"
|
| 9 |
"MIME-Version: 1.0\n"
|
| 10 |
"Content-Type: text/plain; charset=UTF-8\n"
|
| 11 |
"Content-Transfer-Encoding: 8bit\n"
|
| 12 |
+
"POT-Creation-Date: 2021-04-15T09:46:33+00:00\n"
|
| 13 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
| 14 |
"X-Generator: WP-CLI 2.4.0\n"
|
| 15 |
"X-Domain: advanced-ads\n"
|
| 219 |
msgid "%s detected."
|
| 220 |
msgstr ""
|
| 221 |
|
| 222 |
+
#. translators: %s is a service or plugin name.
|
| 223 |
#: admin/includes/ad-health-notices.php:253
|
| 224 |
msgid "Learn how this might impact your ad setup."
|
| 225 |
msgstr ""
|
| 1800 |
msgid "Adjust the placement options"
|
| 1801 |
msgstr ""
|
| 1802 |
|
| 1803 |
+
#. translators: %s is a URL.
|
| 1804 |
#: admin/views/placement-injection-top.php:21
|
| 1805 |
msgid "Ad not showing up? Take a look <a href=\"%s\" target=\"_blank\">here</a>"
|
| 1806 |
msgstr ""
|
| 1894 |
msgid "Existing placement"
|
| 1895 |
msgstr ""
|
| 1896 |
|
| 1897 |
+
#. translators: %s is some HTML.
|
| 1898 |
#: admin/views/placement-injection-top.php:168
|
| 1899 |
msgid "Or use the shortcode %s to insert the ad into the content manually."
|
| 1900 |
msgstr ""
|
| 1901 |
|
| 1902 |
+
#. translators: %s is a URL.
|
| 1903 |
#: admin/views/placement-injection-top.php:176
|
| 1904 |
msgid "Learn more about your choices to display an ad in the <a href=\"%s\" target=\"_blank\">manual</a>."
|
| 1905 |
msgstr ""
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Tags: ads, ad manager, ad rotation, adsense, banner
|
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 5.7
|
| 6 |
Requires PHP: 5.6
|
| 7 |
-
Stable tag: 1.24.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -317,6 +317,10 @@ Yes. You can use plenty of [hooks](https://wpadvancedads.com/codex/) to customiz
|
|
| 317 |
|
| 318 |
== Changelog ==
|
| 319 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 320 |
= 1.24.1 =
|
| 321 |
|
| 322 |
- fix compatibilty with WP prior to 5.0
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 5.7
|
| 6 |
Requires PHP: 5.6
|
| 7 |
+
Stable tag: 1.24.2
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 317 |
|
| 318 |
== Changelog ==
|
| 319 |
|
| 320 |
+
= 1.24.2 =
|
| 321 |
+
|
| 322 |
+
- fix authenticated (i.e. logged-in) DOM-based XSS vulnerability while creating jQuery object from user input in Safari and IE
|
| 323 |
+
|
| 324 |
= 1.24.1 =
|
| 325 |
|
| 326 |
- fix compatibilty with WP prior to 5.0
|
