MetaSlider - Version 3.3.2

Version Description

[16/04/15] =

  • Fix: FPD Security issue. Thanks to Ole Aass (@oleaass) for finding and disclosing this issue.

More information:

The fix will prevent some servers (configured with 'display_errors' set to 'on') from disclosing the full path to certain files within Meta Slider.

http://codex.wordpress.org/Security_FAQ#Why_are_there_path_disclosures_when_directly_loading_certain_files.3F

Download this release

Release Info

Developer matchalabs
Plugin Icon 128x128 MetaSlider
Version 3.3.2
Comparing to
See all releases

Code changes from version 3.3.1 to 3.3.2

inc/metaslider.imagehelper.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Helper class for resizing images, returning the correct URL to the image etc
4
*/
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Helper class for resizing images, returning the correct URL to the image etc
9
*/
inc/metaslider.systemcheck.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Check for common issues with the server environment and WordPress install.
4
*/
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Check for common issues with the server environment and WordPress install.
9
*/
inc/metaslider.widget.class.php CHANGED
@@ -3,8 +3,9 @@
3
* Adds Meta Slider widget.
4
*/
5
6
- // disable direct access
7
- if ( !defined( 'ABSPATH' ) ) exit;
8
9
class MetaSlider_Widget extends WP_Widget {
10
3
* Adds Meta Slider widget.
4
*/
5
6
+ if ( ! defined( 'ABSPATH' ) ) {
7
+ exit; // disable direct access
8
+ }
9
10
class MetaSlider_Widget extends WP_Widget {
11
inc/simple_html_dom.php CHANGED
@@ -39,6 +39,10 @@
39
* @subpackage simple_html_dom
40
*/
41
42
if ( ! class_exists('simple_html_dom_node') ) :
43
/**
44
* All of the Defines for the classes below.
39
* @subpackage simple_html_dom
40
*/
41
42
+ if ( ! defined( 'ABSPATH' ) ) {
43
+ exit; // disable direct access
44
+ }
45
+
46
if ( ! class_exists('simple_html_dom_node') ) :
47
/**
48
* All of the Defines for the classes below.
inc/slide/metaslide.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Slide class represting a single slide. This is extended by type specific
4
* slides (eg, MetaImageSlide, MetaYoutubeSlide (pro only), etc)
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Slide class represting a single slide. This is extended by type specific
9
* slides (eg, MetaImageSlide, MetaYoutubeSlide (pro only), etc)
inc/slide/metaslide.image.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Generic Slider super class. Extended by library specific classes.
4
*/
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Generic Slider super class. Extended by library specific classes.
9
*/
inc/slider/metaslider.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Generic Slider super class. Extended by library specific classes.
4
*
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Generic Slider super class. Extended by library specific classes.
9
*
inc/slider/metaslider.coin.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Override parent 'MetaSlider' class with CoinSlider specific markup,
4
* javascript, css and settings.
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Override parent 'MetaSlider' class with CoinSlider specific markup,
9
* javascript, css and settings.
inc/slider/metaslider.flex.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Flex Slider specific markup, javascript, css and settings.
4
*/
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Flex Slider specific markup, javascript, css and settings.
9
*/
inc/slider/metaslider.nivo.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Nivo Slider specific markup, javascript, css and settings.
4
*/
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Nivo Slider specific markup, javascript, css and settings.
9
*/
inc/slider/metaslider.responsive.class.php CHANGED
@@ -1,4 +1,9 @@
1
<?php
2
/**
3
* Responsive Slider specific markup, javascript, css and settings.
4
*/
1
<?php
2
+
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ exit; // disable direct access
5
+ }
6
+
7
/**
8
* Responsive Slider specific markup, javascript, css and settings.
9
*/
ml-slider.php CHANGED
@@ -5,7 +5,7 @@
5
* Plugin Name: Meta Slider
6
* Plugin URI: https://www.metaslider.com
7
* Description: Easy to use slideshow plugin. Create SEO optimised responsive slideshows with Nivo Slider, Flex Slider, Coin Slider and Responsive Slides.
8
- * Version: 3.3.1
9
* Author: Matcha Labs
10
* Author URI: https://www.metaslider.com
11
* License: GPL-2.0+
@@ -31,7 +31,7 @@ class MetaSliderPlugin {
31
/**
32
* @var string
33
*/
34
- public $version = '3.3.1';
35
36
37
/**
5
* Plugin Name: Meta Slider
6
* Plugin URI: https://www.metaslider.com
7
* Description: Easy to use slideshow plugin. Create SEO optimised responsive slideshows with Nivo Slider, Flex Slider, Coin Slider and Responsive Slides.
8
+ * Version: 3.3.2
9
* Author: Matcha Labs
10
* Author URI: https://www.metaslider.com
11
* License: GPL-2.0+
31
/**
32
* @var string
33
*/
34
+ public $version = '3.3.2';
35
36
37
/**
readme.txt CHANGED
@@ -146,6 +146,16 @@ See www.metaslider.com/documentation/image-cropping/
146
147
== Changelog ==
148
149
= 3.3.1 [23/03/15] =
150
151
* Fix: Remove 'create video playlist' option from Media Library (on Meta Slider page only)
146
147
== Changelog ==
148
149
+ = 3.3.2 [16/04/15] =
150
+
151
+ * Fix: FPD Security issue. Thanks to Ole Aass (@oleaass) for finding and disclosing this issue.
152
+
153
+ More information:
154
+
155
+ The fix will prevent some servers (configured with 'display_errors' set to 'on') from disclosing the full path to certain files within Meta Slider.
156
+
157
+ http://codex.wordpress.org/Security_FAQ#Why_are_there_path_disclosures_when_directly_loading_certain_files.3F
158
+
159
= 3.3.1 [23/03/15] =
160
161
* Fix: Remove 'create video playlist' option from Media Library (on Meta Slider page only)