Version Description
- 12/9/21
- Fix - Added nonce security check on admin orders page.
Download this release
Release Info
| Developer | scottpaterson |
| Plugin |  PayPal Donation |
| Version | 1.3.4 |
| Comparing to | |
| See all releases | |
Code changes from version 1.3.3 to 1.3.4
- easy-paypal-donation.php +2 -2
- includes/private_orders.php +8 -0
- readme.txt +6 -2
easy-paypal-donation.php
CHANGED
|
@@ -10,10 +10,10 @@ Tags: donation, donate, donations, charity, paypal, paypal donation, ecommerce,
|
|
| 10 |
Author: Scott Paterson
|
| 11 |
Author URI: https://wpplugin.org
|
| 12 |
License: GPL2
|
| 13 |
-
Version: 1.3.
|
| 14 |
*/
|
| 15 |
|
| 16 |
-
/* Copyright 2014-
|
| 17 |
|
| 18 |
This program is free software; you can redistribute it and/or modify
|
| 19 |
it under the terms of the GNU General Public License as published by
|
| 10 |
Author: Scott Paterson
|
| 11 |
Author URI: https://wpplugin.org
|
| 12 |
License: GPL2
|
| 13 |
+
Version: 1.3.4
|
| 14 |
*/
|
| 15 |
|
| 16 |
+
/* Copyright 2014-2022 Scott Paterson
|
| 17 |
|
| 18 |
This program is free software; you can redistribute it and/or modify
|
| 19 |
it under the terms of the GNU General Public License as published by
|
includes/private_orders.php
CHANGED
|
@@ -368,6 +368,14 @@ function wpedon_plugin_orders() {
|
|
| 368 |
|
| 369 |
// admin orders page delete order
|
| 370 |
if (isset($_GET['action']) && $_GET['action'] == "delete" || isset($_GET['action2']) && $_GET['action2'] == "delete") {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 371 |
|
| 372 |
if ($_GET['inline'] == "true") {
|
| 373 |
$post_id = array(intval($_GET['order']));
|
| 368 |
|
| 369 |
// admin orders page delete order
|
| 370 |
if (isset($_GET['action']) && $_GET['action'] == "delete" || isset($_GET['action2']) && $_GET['action2'] == "delete") {
|
| 371 |
+
|
| 372 |
+
// check nonce for security
|
| 373 |
+
$nonce = $_REQUEST['_wpnonce'];
|
| 374 |
+
$action = 'bulk-orders';
|
| 375 |
+
|
| 376 |
+
if ( ! wp_verify_nonce( $nonce, $action ) ) {
|
| 377 |
+
wp_die('Security check fail');
|
| 378 |
+
}
|
| 379 |
|
| 380 |
if ($_GET['inline'] == "true") {
|
| 381 |
$post_id = array(intval($_GET['order']));
|
readme.txt
CHANGED
|
@@ -4,9 +4,9 @@ Donate link: https://wpplugin.org/donate/
|
|
| 4 |
Tags: donation, donate, donations, charity, paypal, gateway, paypal donation, paypal donate
|
| 5 |
Author URI: https://wpplugin.org
|
| 6 |
Requires at least: 3.0
|
| 7 |
-
Tested up to:
|
| 8 |
Requires PHP: 5.4
|
| 9 |
-
Stable tag: 1.3.
|
| 10 |
License: GPLv2 or later
|
| 11 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 12 |
|
|
@@ -94,6 +94,10 @@ Yes, there is no limit to the amount of PayPal donations buttons that you can pu
|
|
| 94 |
|
| 95 |
== Changelog ==
|
| 96 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 97 |
= 1.3.3 =
|
| 98 |
* 12/3/21
|
| 99 |
* Fix - Security fix
|
| 4 |
Tags: donation, donate, donations, charity, paypal, gateway, paypal donation, paypal donate
|
| 5 |
Author URI: https://wpplugin.org
|
| 6 |
Requires at least: 3.0
|
| 7 |
+
Tested up to: 6.0
|
| 8 |
Requires PHP: 5.4
|
| 9 |
+
Stable tag: 1.3.4
|
| 10 |
License: GPLv2 or later
|
| 11 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 12 |
|
| 94 |
|
| 95 |
== Changelog ==
|
| 96 |
|
| 97 |
+
= 1.3.4 =
|
| 98 |
+
* 12/9/21
|
| 99 |
+
* Fix - Added nonce security check on admin orders page.
|
| 100 |
+
|
| 101 |
= 1.3.3 =
|
| 102 |
* 12/3/21
|
| 103 |
* Fix - Security fix
|
