Version Description
( 2021-06-07 ) =
- Fix: Check password's hash before forwarding to Pwned Password API
Download this release
Release Info
Developer | BigTonny |
Plugin | Defender Security – Malware Scanner, Login Security & Firewall |
Version | 2.5.3 |
Comparing to | |
See all releases |
Code changes from version 2.5.2 to 2.5.3
- languages/wpdef-default.pot +4 -4
- readme.txt +6 -26
- src/controller/password-protection.php +4 -0
- wp-defender.php +3 -3
languages/wpdef-default.pot
CHANGED
@@ -6,9 +6,9 @@
|
|
6 |
#, fuzzy
|
7 |
msgid ""
|
8 |
msgstr ""
|
9 |
-
"Project-Id-Version: wp-defender 2.5.
|
10 |
"Report-Msgid-Bugs-To: \n"
|
11 |
-
"POT-Creation-Date: 2021-06-07
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
@@ -2096,7 +2096,7 @@ msgstr ""
|
|
2096 |
#: src/controller/audit-logging.php:371 src/controller/blacklist.php:124
|
2097 |
#: src/controller/firewall.php:145 src/controller/login-lockout.php:189
|
2098 |
#: src/controller/main-setting.php:93 src/controller/mask-login.php:246
|
2099 |
-
#: src/controller/nf-lockout.php:245 src/controller/password-protection.php:
|
2100 |
#: src/controller/password-reset.php:218 src/controller/scan.php:306
|
2101 |
#: src/controller/security-headers.php:77 src/controller/two-factor.php:482
|
2102 |
msgid "Your settings have been updated."
|
@@ -2485,7 +2485,7 @@ msgid ""
|
|
2485 |
"exists on database breach records."
|
2486 |
msgstr ""
|
2487 |
|
2488 |
-
#: src/controller/password-protection.php:
|
2489 |
msgid ""
|
2490 |
"You need to check at least one of the <b>Pwned checks preferences below</b> "
|
2491 |
"and save your settings to enable Password Protection."
|
6 |
#, fuzzy
|
7 |
msgid ""
|
8 |
msgstr ""
|
9 |
+
"Project-Id-Version: wp-defender 2.5.3\n"
|
10 |
"Report-Msgid-Bugs-To: \n"
|
11 |
+
"POT-Creation-Date: 2021-06-07 14:35+0000\n"
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
2096 |
#: src/controller/audit-logging.php:371 src/controller/blacklist.php:124
|
2097 |
#: src/controller/firewall.php:145 src/controller/login-lockout.php:189
|
2098 |
#: src/controller/main-setting.php:93 src/controller/mask-login.php:246
|
2099 |
+
#: src/controller/nf-lockout.php:245 src/controller/password-protection.php:215
|
2100 |
#: src/controller/password-reset.php:218 src/controller/scan.php:306
|
2101 |
#: src/controller/security-headers.php:77 src/controller/two-factor.php:482
|
2102 |
msgid "Your settings have been updated."
|
2485 |
"exists on database breach records."
|
2486 |
msgstr ""
|
2487 |
|
2488 |
+
#: src/controller/password-protection.php:219
|
2489 |
msgid ""
|
2490 |
"You need to check at least one of the <b>Pwned checks preferences below</b> "
|
2491 |
"and save your settings to enable Password Protection."
|
readme.txt
CHANGED
@@ -1,13 +1,13 @@
|
|
1 |
=== Defender Security - Malware Scanner, Login Security & Firewall ===
|
2 |
Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
|
3 |
-
Version: 2.5.
|
4 |
Author: WPMU DEV
|
5 |
Author URI: https://wpmudev.com/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
|
8 |
Requires at least: 5.2
|
9 |
Tested up to: 5.7.2
|
10 |
-
Stable tag: 2.5.
|
11 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
12 |
|
13 |
Security plugin with malware scanner, IP blocking, audit logs, activity logs, firewall, login security & more.
|
@@ -204,6 +204,10 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
|
|
204 |
|
205 |
== Changelog ==
|
206 |
|
|
|
|
|
|
|
|
|
207 |
= 2.5.2 ( 2021-06-01 ) =
|
208 |
|
209 |
- New: Force password reset for all registered users
|
@@ -289,30 +293,6 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
|
|
289 |
|
290 |
- Fix: Unescaped DB parameters
|
291 |
|
292 |
-
= 2.4.7 ( 2021-03-01 ) =
|
293 |
-
|
294 |
-
- New: Sync Config from Defender with The Hub
|
295 |
-
- Enhance: Making "Enable Tag" clickable in the notification widget
|
296 |
-
- Enhance: Allow capital letters in Masked Login
|
297 |
-
- Enhance: New WP CLI commands for file scanning, reset settings, and clear firewall data
|
298 |
-
- Enhance: Reducing false-positive reports in malware scanning
|
299 |
-
- Enhance: Check plugins and themes against the WP.org repository
|
300 |
-
- Enhance: Adding pagination in Malware Scanning grid
|
301 |
-
- Enhance: Update text for Suspicious Code scan type options
|
302 |
-
- Enhance: Bulk configure - Add to reports/Remove from reports options
|
303 |
-
- Enhance: Improve table performance
|
304 |
-
- Enhance: Remove hero image when Branding is set to custom for activated Whitelabel
|
305 |
-
- Fix: Storage logs not deleted
|
306 |
-
- Fix: Update code preview in Malware Scanning
|
307 |
-
- Fix: MaxMind DB Reader API version update
|
308 |
-
- Fix: Keep empty IP for internal or private IPs
|
309 |
-
- Fix: Failed login attempt with an empty banned username
|
310 |
-
- Fix: Audit Log Export
|
311 |
-
- Fix: Loopback request could not be completed
|
312 |
-
- Fix: Subsites login area is blocked for network users
|
313 |
-
- Fix: Mask login can be bypassed with wp-signup.php for single sites
|
314 |
-
- Fix: Ability to use dash symbol at the start/end of New Login URL slug
|
315 |
-
|
316 |
|
317 |
[Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
|
318 |
|
1 |
=== Defender Security - Malware Scanner, Login Security & Firewall ===
|
2 |
Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
|
3 |
+
Version: 2.5.3
|
4 |
Author: WPMU DEV
|
5 |
Author URI: https://wpmudev.com/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
|
8 |
Requires at least: 5.2
|
9 |
Tested up to: 5.7.2
|
10 |
+
Stable tag: 2.5.3
|
11 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
12 |
|
13 |
Security plugin with malware scanner, IP blocking, audit logs, activity logs, firewall, login security & more.
|
204 |
|
205 |
== Changelog ==
|
206 |
|
207 |
+
= 2.5.3 ( 2021-06-07 ) =
|
208 |
+
|
209 |
+
- Fix: Check password's hash before forwarding to Pwned Password API
|
210 |
+
|
211 |
= 2.5.2 ( 2021-06-01 ) =
|
212 |
|
213 |
- New: Force password reset for all registered users
|
293 |
|
294 |
- Fix: Unescaped DB parameters
|
295 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
296 |
|
297 |
[Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
|
298 |
|
src/controller/password-protection.php
CHANGED
@@ -54,6 +54,10 @@ class Password_Protection extends Controller2 {
|
|
54 |
return $user;
|
55 |
}
|
56 |
|
|
|
|
|
|
|
|
|
57 |
if ( ! $this->service->is_enabled_by_user_role( $user, $this->model->user_roles ) ) {
|
58 |
return $user;
|
59 |
}
|
54 |
return $user;
|
55 |
}
|
56 |
|
57 |
+
if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) {
|
58 |
+
return $user;
|
59 |
+
}
|
60 |
+
|
61 |
if ( ! $this->service->is_enabled_by_user_role( $user, $this->model->user_roles ) ) {
|
62 |
return $user;
|
63 |
}
|
wp-defender.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
/**
|
3 |
* Plugin Name: Defender
|
4 |
* Plugin URI: https://wpmudev.com/project/wp-defender/
|
5 |
-
* Version: 2.5.
|
6 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
7 |
* Author: WPMU DEV
|
8 |
* Author URI: https://wpmudev.com/
|
@@ -15,10 +15,10 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
15 |
die;
|
16 |
}
|
17 |
if ( ! defined( 'DEFENDER_VERSION' ) ) {
|
18 |
-
define( 'DEFENDER_VERSION', '2.5.
|
19 |
}
|
20 |
if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
|
21 |
-
define( 'DEFENDER_DB_VERSION', '2.5.
|
22 |
}
|
23 |
if ( ! defined( 'DEFENDER_SUI' ) ) {
|
24 |
define( 'DEFENDER_SUI', '2-10-7' );
|
2 |
/**
|
3 |
* Plugin Name: Defender
|
4 |
* Plugin URI: https://wpmudev.com/project/wp-defender/
|
5 |
+
* Version: 2.5.3
|
6 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
7 |
* Author: WPMU DEV
|
8 |
* Author URI: https://wpmudev.com/
|
15 |
die;
|
16 |
}
|
17 |
if ( ! defined( 'DEFENDER_VERSION' ) ) {
|
18 |
+
define( 'DEFENDER_VERSION', '2.5.3' );
|
19 |
}
|
20 |
if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
|
21 |
+
define( 'DEFENDER_DB_VERSION', '2.5.3' );
|
22 |
}
|
23 |
if ( ! defined( 'DEFENDER_SUI' ) ) {
|
24 |
define( 'DEFENDER_SUI', '2-10-7' );
|