MailChimp for WordPress - Version 4.0.11

Version Description

Download this release

Release Info

Developer DvanKooten
Plugin Icon 128x128 MailChimp for WordPress
Version 4.0.11
Comparing to
See all releases

Code changes from version 4.0.10 to 4.0.11

Files changed (9) hide show
  1. CHANGELOG.md +10 -0
  2. includes/api/class-api-v3.php +4 -3
  3. includes/class-tools.php +1 -0
  4. includes/integrations/class-admin.php +1 -1
  5. includes/integrations/views/integration-settings.php +2 -2
  6. mailchimp-for-wp.php +2 -2
  7. readme.txt +10 -1
  8. vendor/autoload_52.php +1 -1
  9. vendor/composer/autoload_real_52.php +3 -3
CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
  Changelog
2
  =========
3
 
 
 
 
 
 
 
 
 
 
 
4
 
5
  #### 4.0.10 - December 6, 2016
6
 
1
  Changelog
2
  =========
3
 
4
+ #### 4.0.11 - December 9, 2016
5
+
6
+ **Fixes**
7
+
8
+ - Unescaped request variable on integration settings page, allowing for authenticated XSS. Thanks to [dxwsecurity](https://security.dxw.com/) for responsibly disclosing.
9
+
10
+ **Improvements**
11
+
12
+ - Add `$args` parameter to `API::get_lists_activity` method. Relates to the [MailChimp Activity](https://wordpress.org/plugins/mc4wp-activity/) plugin.
13
+
14
 
15
  #### 4.0.10 - December 6, 2016
16
 
includes/api/class-api-v3.php CHANGED
@@ -65,12 +65,13 @@ class MC4WP_API_v3 {
65
  * @link http://developer.mailchimp.com/documentation/mailchimp/reference/lists/activity/#read-get_lists_list_id_activity
66
  *
67
  * @param string $list_id
68
- *
 
69
  * @return array
70
  */
71
- public function get_list_activity( $list_id ) {
72
  $resource = sprintf( '/lists/%s/activity', $list_id );
73
- $data = $this->client->get( $resource );
74
 
75
  if( is_object( $data ) && isset( $data->activity ) ) {
76
  return $data->activity;
65
  * @link http://developer.mailchimp.com/documentation/mailchimp/reference/lists/activity/#read-get_lists_list_id_activity
66
  *
67
  * @param string $list_id
68
+ * @param array $args
69
+ *
70
  * @return array
71
  */
72
+ public function get_list_activity( $list_id, array $args = array() ) {
73
  $resource = sprintf( '/lists/%s/activity', $list_id );
74
+ $data = $this->client->get( $resource, $args );
75
 
76
  if( is_object( $data ) && isset( $data->activity ) ) {
77
  return $data->activity;
includes/class-tools.php CHANGED
@@ -9,6 +9,7 @@
9
  class MC4WP_Tools {
10
 
11
  /**
 
12
  * @param $datetime
13
  * @param string $format
14
  *
9
  class MC4WP_Tools {
10
 
11
  /**
12
+ * @deprecated
13
  * @param $datetime
14
  * @param string $format
15
  *
includes/integrations/class-admin.php CHANGED
@@ -182,7 +182,7 @@ class MC4WP_Integration_Admin {
182
  try {
183
  $integration = $this->integrations->get( $slug );
184
  } catch( Exception $e ) {
185
- echo sprintf( '<h3>Integration not found.</h3><p>No integration with slug <strong>%s</strong> was found.</p>', $slug );
186
  return;
187
  }
188
 
182
  try {
183
  $integration = $this->integrations->get( $slug );
184
  } catch( Exception $e ) {
185
+ echo sprintf( '<h3>Integration not found.</h3><p>No integration with slug <strong>%s</strong> was found.</p>', esc_html( $slug ) );
186
  return;
187
  }
188
 
includes/integrations/views/integration-settings.php CHANGED
@@ -8,7 +8,7 @@
8
  <span class="prefix"><?php echo __( 'You are here: ', 'mailchimp-for-wp' ); ?></span>
9
  <a href="<?php echo admin_url( 'admin.php?page=mailchimp-for-wp' ); ?>">MailChimp for WordPress</a> &rsaquo;
10
  <a href="<?php echo admin_url( 'admin.php?page=mailchimp-for-wp-integrations' ); ?>"><?php _e( 'Integrations', 'mailchimp-for-wp' ); ?></a> &rsaquo;
11
- <span class="current-crumb"><strong><?php echo $integration->name; ?></strong></span>
12
  </p>
13
 
14
  <div class="main-content row">
@@ -17,7 +17,7 @@
17
  <div class="main-content col col-4 col-sm-6">
18
 
19
  <h1 class="page-title">
20
- <?php printf( __( '%s integration', 'mailchimp-for-wp' ), $integration->name ); ?>
21
  </h1>
22
 
23
  <h2 style="display: none;"></h2>
8
  <span class="prefix"><?php echo __( 'You are here: ', 'mailchimp-for-wp' ); ?></span>
9
  <a href="<?php echo admin_url( 'admin.php?page=mailchimp-for-wp' ); ?>">MailChimp for WordPress</a> &rsaquo;
10
  <a href="<?php echo admin_url( 'admin.php?page=mailchimp-for-wp-integrations' ); ?>"><?php _e( 'Integrations', 'mailchimp-for-wp' ); ?></a> &rsaquo;
11
+ <span class="current-crumb"><strong><?php echo esc_html( $integration->name ); ?></strong></span>
12
  </p>
13
 
14
  <div class="main-content row">
17
  <div class="main-content col col-4 col-sm-6">
18
 
19
  <h1 class="page-title">
20
+ <?php printf( __( '%s integration', 'mailchimp-for-wp' ), esc_html( $integration->name ) ); ?>
21
  </h1>
22
 
23
  <h2 style="display: none;"></h2>
mailchimp-for-wp.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: MailChimp for WordPress
4
  Plugin URI: https://mc4wp.com/#utm_source=wp-plugin&utm_medium=mailchimp-for-wp&utm_campaign=plugins-page
5
  Description: MailChimp for WordPress by ibericode. Adds various highly effective sign-up methods to your site.
6
- Version: 4.0.10
7
  Author: ibericode
8
  Author URI: https://ibericode.com/
9
  Text Domain: mailchimp-for-wp
@@ -47,7 +47,7 @@ function _mc4wp_load_plugin() {
47
  }
48
 
49
  // bootstrap the core plugin
50
- define( 'MC4WP_VERSION', '4.0.10' );
51
  define( 'MC4WP_PLUGIN_DIR', dirname( __FILE__ ) . '/' );
52
  define( 'MC4WP_PLUGIN_URL', plugins_url( '/' , __FILE__ ) );
53
  define( 'MC4WP_PLUGIN_FILE', __FILE__ );
3
  Plugin Name: MailChimp for WordPress
4
  Plugin URI: https://mc4wp.com/#utm_source=wp-plugin&utm_medium=mailchimp-for-wp&utm_campaign=plugins-page
5
  Description: MailChimp for WordPress by ibericode. Adds various highly effective sign-up methods to your site.
6
+ Version: 4.0.11
7
  Author: ibericode
8
  Author URI: https://ibericode.com/
9
  Text Domain: mailchimp-for-wp
47
  }
48
 
49
  // bootstrap the core plugin
50
+ define( 'MC4WP_VERSION', '4.0.11' );
51
  define( 'MC4WP_PLUGIN_DIR', dirname( __FILE__ ) . '/' );
52
  define( 'MC4WP_PLUGIN_URL', plugins_url( '/' , __FILE__ ) );
53
  define( 'MC4WP_PLUGIN_FILE', __FILE__ );
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://mc4wp.com/#utm_source=wp-plugin-repo&utm_medium=mailchimp-f
4
  Tags: mailchimp, mc4wp, email, marketing, newsletter, subscribe, widget, mc4wp, contact form 7, woocommerce, buddypress, ibericode, mailchimp forms, mailchimp integrations
5
  Requires at least: 4.1
6
  Tested up to: 4.7
7
- Stable tag: 4.0.10
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -189,6 +189,15 @@ MailChimp for WordPress is being developed on GitHub. If you want to collaborate
189
 
190
  == Changelog ==
191
 
 
 
 
 
 
 
 
 
 
192
 
193
 
194
  #### 4.0.10 - December 6, 2016
4
  Tags: mailchimp, mc4wp, email, marketing, newsletter, subscribe, widget, mc4wp, contact form 7, woocommerce, buddypress, ibericode, mailchimp forms, mailchimp integrations
5
  Requires at least: 4.1
6
  Tested up to: 4.7
7
+ Stable tag: 4.0.11
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
189
 
190
  == Changelog ==
191
 
192
+ #### 4.0.11 - December 9, 2016
193
+
194
+ **Fixes**
195
+
196
+ - Unescaped request variable on integration settings page, allowing for authenticated XSS. Thanks to [dxwsecurity](https://security.dxw.com/) for responsibly disclosing.
197
+
198
+ **Improvements**
199
+
200
+ - Add `$args` parameter to `API::get_lists_activity` method. Relates to the [MailChimp Activity](https://wordpress.org/plugins/mc4wp-activity/) plugin.
201
 
202
 
203
  #### 4.0.10 - December 6, 2016
vendor/autoload_52.php CHANGED
@@ -4,4 +4,4 @@
4
 
5
  require_once dirname(__FILE__) . '/composer'.'/autoload_real_52.php';
6
 
7
- return ComposerAutoloaderInite6927db807605759dd96b20944eb5c50::getLoader();
4
 
5
  require_once dirname(__FILE__) . '/composer'.'/autoload_real_52.php';
6
 
7
+ return ComposerAutoloaderInite220b9cdf73db6b31110859155e3018a::getLoader();
vendor/composer/autoload_real_52.php CHANGED
@@ -2,7 +2,7 @@
2
 
3
  // autoload_real_52.php generated by xrstf/composer-php52
4
 
5
- class ComposerAutoloaderInite6927db807605759dd96b20944eb5c50 {
6
  private static $loader;
7
 
8
  public static function loadClassLoader($class) {
@@ -19,9 +19,9 @@ class ComposerAutoloaderInite6927db807605759dd96b20944eb5c50 {
19
  return self::$loader;
20
  }
21
 
22
- spl_autoload_register(array('ComposerAutoloaderInite6927db807605759dd96b20944eb5c50', 'loadClassLoader'), true /*, true */);
23
  self::$loader = $loader = new xrstf_Composer52_ClassLoader();
24
- spl_autoload_unregister(array('ComposerAutoloaderInite6927db807605759dd96b20944eb5c50', 'loadClassLoader'));
25
 
26
  $vendorDir = dirname(dirname(__FILE__));
27
  $baseDir = dirname($vendorDir);
2
 
3
  // autoload_real_52.php generated by xrstf/composer-php52
4
 
5
+ class ComposerAutoloaderInite220b9cdf73db6b31110859155e3018a {
6
  private static $loader;
7
 
8
  public static function loadClassLoader($class) {
19
  return self::$loader;
20
  }
21
 
22
+ spl_autoload_register(array('ComposerAutoloaderInite220b9cdf73db6b31110859155e3018a', 'loadClassLoader'), true /*, true */);
23
  self::$loader = $loader = new xrstf_Composer52_ClassLoader();
24
+ spl_autoload_unregister(array('ComposerAutoloaderInite220b9cdf73db6b31110859155e3018a', 'loadClassLoader'));
25
 
26
  $vendorDir = dirname(dirname(__FILE__));
27
  $baseDir = dirname($vendorDir);