Version Description
| January 4th, 2022 = * Sec: Properly check permissions when Download API is accessed.
Download this release
Release Info
| Developer | DaanvandenBergh |
| Plugin |  OMGF | GDPR/DSVGO Compliant, Faster Google Fonts. Easy. |
| Version | 4.5.13 |
| Comparing to | |
| See all releases | |
Code changes from version 4.5.12 to 4.5.13
- host-webfonts-local.php +1 -1
- includes/api/class-download.php +7 -1
- readme.txt +4 -1
host-webfonts-local.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
* Plugin Name: OMGF
|
| 5 |
* Plugin URI: https://daan.dev/wordpress-plugins/host-google-fonts-locally
|
| 6 |
* Description: Minimize DNS requests, leverage browser cache and speed up WordPress by saving Google Fonts to your server and removing external Google Fonts requests.
|
| 7 |
-
* Version: 4.5.
|
| 8 |
* Author: Daan from FFW.Press
|
| 9 |
* Author URI: https://ffw.press
|
| 10 |
* License: GPL2v2 or later
|
| 4 |
* Plugin Name: OMGF
|
| 5 |
* Plugin URI: https://daan.dev/wordpress-plugins/host-google-fonts-locally
|
| 6 |
* Description: Minimize DNS requests, leverage browser cache and speed up WordPress by saving Google Fonts to your server and removing external Google Fonts requests.
|
| 7 |
+
* Version: 4.5.13
|
| 8 |
* Author: Daan from FFW.Press
|
| 9 |
* Author URI: https://ffw.press
|
| 10 |
* License: GPL2v2 or later
|
includes/api/class-download.php
CHANGED
|
@@ -32,6 +32,7 @@ class OMGF_API_Download extends WP_REST_Controller
|
|
| 32 |
'muli' => 'mulish'
|
| 33 |
];
|
| 34 |
|
|
|
|
| 35 |
private $plugin_text_domain = 'host-webfonts-local';
|
| 36 |
|
| 37 |
/** @var array */
|
|
@@ -83,7 +84,12 @@ class OMGF_API_Download extends WP_REST_Controller
|
|
| 83 |
return false;
|
| 84 |
}
|
| 85 |
|
| 86 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 87 |
}
|
| 88 |
|
| 89 |
/**
|
| 32 |
'muli' => 'mulish'
|
| 33 |
];
|
| 34 |
|
| 35 |
+
/** @var string */
|
| 36 |
private $plugin_text_domain = 'host-webfonts-local';
|
| 37 |
|
| 38 |
/** @var array */
|
| 84 |
return false;
|
| 85 |
}
|
| 86 |
|
| 87 |
+
/**
|
| 88 |
+
* This API should only be accessible to users with manage_options capabilities.
|
| 89 |
+
*
|
| 90 |
+
* @since v4.5.13
|
| 91 |
+
*/
|
| 92 |
+
return current_user_can('manage_options') && wp_verify_nonce($_REQUEST['_wpnonce'], 'wp_rest') > 0;
|
| 93 |
}
|
| 94 |
|
| 95 |
/**
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: DaanvandenBergh
|
|
| 3 |
Tags: google, fonts, gdpr, cache, speed, preload, font-display, webfonts, subsets, remove, minimize, external, requests
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 5.8
|
| 6 |
-
Stable tag: 4.5.
|
| 7 |
Requires PHP: 7.0
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
|
@@ -83,6 +83,9 @@ For the FAQ, [click here](https://docs.ffw.press/category/76-omgf-pro---faq).
|
|
| 83 |
|
| 84 |
== Changelog ==
|
| 85 |
|
|
|
|
|
|
|
|
|
|
| 86 |
= 4.5.12 | November 27th, 2021 =
|
| 87 |
* Sec: Prevent path traversal when cache directory setting is changed. (Thanks, @jsgm!)
|
| 88 |
|
| 3 |
Tags: google, fonts, gdpr, cache, speed, preload, font-display, webfonts, subsets, remove, minimize, external, requests
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 5.8
|
| 6 |
+
Stable tag: 4.5.13
|
| 7 |
Requires PHP: 7.0
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 83 |
|
| 84 |
== Changelog ==
|
| 85 |
|
| 86 |
+
= 4.5.13 | January 4th, 2022 =
|
| 87 |
+
* Sec: Properly check permissions when Download API is accessed.
|
| 88 |
+
|
| 89 |
= 4.5.12 | November 27th, 2021 =
|
| 90 |
* Sec: Prevent path traversal when cache directory setting is changed. (Thanks, @jsgm!)
|
| 91 |
|
