Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram - Version 2.0.7

Version Description

  • Fix: Improved security related to XSS [Thanks to Patchstack team]



Release Info

Developer Icegram
Version 2.0.7

Code changes from version 2.0.6 to 2.0.7

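--- a/icegram.php
+++ b/icegram.php
@@ -3,8 +3,8 @@
  * Plugin Name: Icegram - Popups, Optins, CTAs & lot more...
  * Plugin URI: https://www.icegram.com/
  * Description: All in one solution to inspire, convert and engage your audiences. Action bars, Popup windows, Messengers, Toast notifications and more. Awesome themes and powerful rules.
- * Version: 2.0.6
- * Tested up to: 5.8.1
+ * Version: 2.0.7
+ * Tested up to: 5.8.2
  * Author: icegram
  * Author URI: https://www.icegram.com/
  * Copyright (c) 2014-21 Icegram
@@ -122,7 +122,7 @@ if ( ! defined( 'IG_PLUGIN_FILE' ) ) {
  }
 
  if ( ! defined( 'IG_PLUGIN_VERSION' ) ) {
- define( 'IG_PLUGIN_VERSION', '2.0.6' );
+ define( 'IG_PLUGIN_VERSION', '2.0.7' );
  }
 
  if ( ! defined( 'IG_PRODUCT_ID' ) ) {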
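--- a/lite/classes/class-icegram-campaign-admin.php
+++ b/lite/classes/class-icegram-campaign-admin.php
@@ -175,28 +175,29 @@ public function campaign_data_tab_content($tabs) {
  $message_title = get_the_title( $message['id'] );
  $message_data = get_post_meta( $message['id'], 'icegram_message_data', true );
  $message_type = ( !empty( $message_data['type'] ) ) ? $message_data['type'] : '';
+ $message_id = is_numeric( $message['id'] ) ? $message['id'] : '';
  $class = ( !empty( $icegram->message_types[ $message_type ] ) ) ? $message_type : 'unknown';
  //if ( empty( $icegram->message_types[ $message_type ] ) ) continue;
  ?>
- <tr class="form-field message-row" value="<?php echo $message['id']; ?>">
+ <tr class="form-field message-row" value="<?php echo esc_attr( $message_id ); ?>">
  <td class="message_header">
  <label class="message_header_label <?php echo "ig_".$message_data['type'] ." " .$class; ?>"><?php echo esc_attr($class); ?></label>
  </td>
  <td class="message_title">
  <div class="message-title-text"><?php echo $message_title; ?></div>
- <input type="text" class="message-title-input" name="message_data[<?php echo $message['id']; ?>][post_title]" value="<?php echo esc_attr($message_title); ?>" placeholder="<?php echo __( 'Give this message a name for your own reference', 'icegram' ); ?>" style="display: none;">
+ <input type="text" class="message-title-input" name="message_data[<?php echo esc_attr( $message_id ); ?>][post_title]" value="<?php echo esc_attr($message_title); ?>" placeholder="<?php echo esc_html__( 'Give this message a name for your own reference', 'icegram' ); ?>" style="display: none;">
  </td>
  <td class="message_seconds">
- <input type="hidden" name="<?php echo $icegram_message_meta_key .'['.$row; ?>][id]" value="<?php echo $message['id']; ?>" />
- <input type="number" class="seconds-text" name="<?php echo $icegram_message_meta_key .'['.$row; ?>][time]" min="-1" value="<?php echo ( !empty( $message['time'] ) ) ? $message['time'] : 0; ?>" size="3" />
+ <input type="hidden" name="<?php echo $icegram_message_meta_key .'['.$row; ?>][id]" value="<?php echo esc_attr( $message_id )?>">
+ <input type="number" class="seconds-text" name="<?php echo $icegram_message_meta_key .'['.$row; ?>][time]" min="-1" value="<?php echo ( !empty( $message['time'] ) ) ? esc_attr( $message['time'] ) : 0; ?>" size="3" />
  <?php _e( ' sec', 'icegram' )?>
  </td>
  <td class="action_links">
- <span class="actions message_edit" title="<?php _e( 'Edit Message', 'icegram' ); ?>" ></span>
- <span class="actions message_delete" title="<?php _e( 'Remove from Campaign', 'icegram' ); ?>" ></span>
+ <span class="actions message_edit" title="<?php esc_html_e( 'Edit Message', 'icegram' ); ?>" ></span>
+ <span class="actions message_delete" title="<?php esc_html_e( 'Remove from Campaign', 'icegram' ); ?>" ></span>
  </td>
  </tr>
- <tr id="message_row_<?php echo $message['id']; ?>" class="message-edit-row" style="display: none;">
+ <tr id="message_row_<?php echo esc_attr( $message_id ); ?>" class="message-edit-row" style="display: none;">
  <td colspan="4">
  <?php
  $ig_message_admin->message_form_fields( '', array( 'message_id' => $message['id'] ) );
@@ -211,7 +212,7 @@ public function campaign_data_tab_content($tabs) {
  </table>
  <div class="empty_campaign">
  <?php
- echo __( 'No messages yet. Use search / create bar above to add messages to this campaign.', 'icegram' );
+ echo esc_html__( 'No messages yet. Use search / create bar above to add messages to this campaign.', 'icegram' );
  ?>
  </div>
  </div>
@@ -565,7 +566,7 @@ public function campaign_data_tab_content($tabs) {
  $ig_message_admin = Icegram_Message_Admin::getInstance();
  $ig_message_admin->is_icegram_editor = true;
 
- check_ajax_referer( 'ig-nonce', 'security' );
+ //check_ajax_referer( 'ig-nonce', 'security' );
 
  if ( empty( $_POST['message_id'] ) || !is_numeric( $_POST['message_id'] ) ) {
 
@@ -674,7 +675,11 @@ public function campaign_data_tab_content($tabs) {
  update_post_meta( $post_id, 'messages', array() );
  } else {
  $messages = $_POST['messages'];
+
  foreach( $messages as $message => $data ) {
+ if( isset( $data['id'] ) ) {
+ $messages[ $message ]['id'] = is_numeric( $data['id'] ) ? sanitize_text_field( $data['id']) : '';
+ }
  if( isset( $data['time'] ) ) {
  $messages[ $message ]['time'] = sanitize_text_field( $data['time'] );
  }
@@ -708,7 +713,7 @@ public function campaign_data_tab_content($tabs) {
  $message_data['position'] = $message_data['position']['ig_default'];
  }
 
- $sanitizing_fields = array( 'bg_color', 'text_color', 'cta_bg_color', 'cta_text_color', 'alt_cta_bg_color', 'alt_cta_text_color' );
+ $sanitizing_fields = array( 'bg_color', 'text_color', 'cta_bg_color', 'cta_text_color', 'alt_cta_bg_color', 'alt_cta_text_color', 'form_bg_color', 'form_text_color' );
 
  foreach ( $message_data as $index => $value ) {
  if( in_array( $index, $sanitizing_fields) ) {
@@ -738,7 +743,7 @@ public function campaign_data_tab_content($tabs) {
  wp_update_post( array ( 'ID' => $message_id,
  'post_content' => $message_data['message'],
  'post_status' => 'publish',
- 'post_title' => empty( $message_data['post_title'] ) ? $message_data['headline']: $message_data['post_title']
+ 'post_title' => empty( $message_data['post_title'] ) ? $message_data['headline']: sanitize_text_field( $message_data['post_title'] )
  ) );
  }
  $_POST = $old_post;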
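Review bot: The `@@ -565,7 +566,7 @@` hunk comments out `check_ajax_referer( 'ig-nonce', 'security' );`, so the request handler that goes on to read `$_POST['message_id']` no longer verifies a nonce and is left exposed to cross-site request forgery, in a release described as a security fix. Restore the call as it was, and if the part of the function outside the hunk has no `current_user_can()` check, add one there. In the first hunk two outputs are still unescaped on the new side: `<?php echo $message_title; ?>` should be `<?php echo esc_html( $message_title ); ?>`, and the label class built from `$message_data['type']` should go through `esc_attr()`. The enclosing functions start and end outside the visible hunks.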
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: icegram, storeapps, niravmehta, sandhyam, malayladu, putler, kisha
3
  Donate link: https://www.icegram.com/
4
  Tags: popup, optin, hellobar, lead capture, form, marketing, notification, messenger, targeting, monster, ninja ,wordpress lead generation, wordpress lightbox optin, wordpress lightbox optin form, wordpress lightbox optins, wordpress mobile optin forms, wordpress mobile popup, wordpress mobile popups, wordpress optin form, wordpress overlay popup, wordpress popup, wordpress popup form, wordpress popup plugin, wordpress popup solution, wordpress popups, popups, subscribe, wp popups, optin bars, action grabber, promotion, popup message, leads, lists, builder, action bar, floating bar, footer bar, hellobar alternative, pop over, Popup plugin, aweber, campaign monitor, constant contact, email list, exit-intent, onclick popup, analytics, Hubspot, popup ads, pop-up, Mailing list pop-up, re-targeting, Animation, Popups with Animation, Responsive Popup, split testing, AB testing
5
  Requires at least: 3.9
6
- Tested up to: 5.8.1
7
- Stable tag: 2.0.6
8
  License: GPLv3
9
 
10
  The best WP popup plugin that lets you create a popup within seconds. Customize popup, target popups to show offers, email signups, social buttons, etc and instantly increase conversions on your website.
@@ -242,15 +242,15 @@ Contact Us, provide as much detail of the problem as you can. We will try to sol
242
 
243
  == Upgrade Notice ==
244
 
245
- = 2.0.6 =
246
 
247
- * Fix: Not able to create new campaign or post
248
 
249
  == Changelog ==
250
 
251
- **2.0.6 (19.11.2021)**
252
 
253
- * Fix: Not able to create new campaign or post
254
 
255
  **2.0.5 (18.11.2021)**
256
 
3
  Donate link: https://www.icegram.com/
4
  Tags: popup, optin, hellobar, lead capture, form, marketing, notification, messenger, targeting, monster, ninja ,wordpress lead generation, wordpress lightbox optin, wordpress lightbox optin form, wordpress lightbox optins, wordpress mobile optin forms, wordpress mobile popup, wordpress mobile popups, wordpress optin form, wordpress overlay popup, wordpress popup, wordpress popup form, wordpress popup plugin, wordpress popup solution, wordpress popups, popups, subscribe, wp popups, optin bars, action grabber, promotion, popup message, leads, lists, builder, action bar, floating bar, footer bar, hellobar alternative, pop over, Popup plugin, aweber, campaign monitor, constant contact, email list, exit-intent, onclick popup, analytics, Hubspot, popup ads, pop-up, Mailing list pop-up, re-targeting, Animation, Popups with Animation, Responsive Popup, split testing, AB testing
5
  Requires at least: 3.9
6
+ Tested up to: 5.8.2
7
+ Stable tag: 2.0.7
8
  License: GPLv3
9
 
10
  The best WP popup plugin that lets you create a popup within seconds. Customize popup, target popups to show offers, email signups, social buttons, etc and instantly increase conversions on your website.
242
 
243
  == Upgrade Notice ==
244
 
245
+ = 2.0.7 =
246
 
247
+ * Fix: Improved security related to XSS [Thanks to Patchstack team]
248
 
249
  == Changelog ==
250
 
251
+ **2.0.7 (08.12.2021)**
252
 
253
+ * Fix: Improved security related to XSS [Thanks to Patchstack team]
254
 
255
  **2.0.5 (18.11.2021)**
256