Version Description
(7 January 2019) =
Security:
- Patched a blind SQL injection vulnerability in the search filter on our submissions page. Thank you to Samuel Anttila at netsec.expert for practicing responsible disclosure.
=
Download this release
Release Info
Developer | krmoorhouse |
Plugin | Ninja Forms – The Easy and Powerful Forms Builder |
Version | 3.3.21.2 |
Comparing to | |
See all releases |
Code changes from version 3.3.21.1 to 3.3.21.2
- deprecated/ninja-forms.php +1 -1
- includes/Admin/Menus/Submissions.php +4 -0
- ninja-forms.php +2 -2
- readme.txt +8 -10
deprecated/ninja-forms.php
CHANGED
@@ -265,7 +265,7 @@ class Ninja_Forms {
|
|
265 |
|
266 |
// Plugin version
|
267 |
if ( ! defined( 'NF_PLUGIN_VERSION' ) )
|
268 |
-
define( 'NF_PLUGIN_VERSION', '3.3.21.
|
269 |
|
270 |
// Plugin Folder Path
|
271 |
if ( ! defined( 'NF_PLUGIN_DIR' ) )
|
265 |
|
266 |
// Plugin version
|
267 |
if ( ! defined( 'NF_PLUGIN_VERSION' ) )
|
268 |
+
define( 'NF_PLUGIN_VERSION', '3.3.21.2' );
|
269 |
|
270 |
// Plugin Folder Path
|
271 |
if ( ! defined( 'NF_PLUGIN_DIR' ) )
|
includes/Admin/Menus/Submissions.php
CHANGED
@@ -296,6 +296,9 @@ final class NF_Admin_Menus_Submissions extends NF_Abstracts_Submenu
|
|
296 |
$vars = apply_filters( 'ninja_forms_sub_table_qv', $vars, $form_id );
|
297 |
}
|
298 |
|
|
|
|
|
|
|
299 |
public function search( $pieces ) {
|
300 |
global $typenow;
|
301 |
// filter to select search query
|
@@ -308,6 +311,7 @@ final class NF_Admin_Menus_Submissions extends NF_Abstracts_Submenu
|
|
308 |
|
309 |
foreach ($keywords as $word) {
|
310 |
|
|
|
311 |
$query .= " (mypm1.meta_value LIKE '%{$word}%') OR ";
|
312 |
}
|
313 |
|
296 |
$vars = apply_filters( 'ninja_forms_sub_table_qv', $vars, $form_id );
|
297 |
}
|
298 |
|
299 |
+
/**
|
300 |
+
* @updated 3.3.21.2
|
301 |
+
*/
|
302 |
public function search( $pieces ) {
|
303 |
global $typenow;
|
304 |
// filter to select search query
|
311 |
|
312 |
foreach ($keywords as $word) {
|
313 |
|
314 |
+
$wpdb->escape_by_ref( $word );
|
315 |
$query .= " (mypm1.meta_value LIKE '%{$word}%') OR ";
|
316 |
}
|
317 |
|
ninja-forms.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: Ninja Forms
|
4 |
Plugin URI: http://ninjaforms.com/
|
5 |
Description: Ninja Forms is a webform builder with unparalleled ease of use and features.
|
6 |
-
Version: 3.3.21.
|
7 |
Author: The WP Ninjas
|
8 |
Author URI: http://ninjaforms.com
|
9 |
Text Domain: ninja-forms
|
@@ -57,7 +57,7 @@ if( get_option( 'ninja_forms_load_deprecated', FALSE ) && ! ( isset( $_POST[ 'nf
|
|
57 |
/**
|
58 |
* @since 3.0
|
59 |
*/
|
60 |
-
const VERSION = '3.3.21.
|
61 |
|
62 |
const WP_MIN_VERSION = '4.8';
|
63 |
|
3 |
Plugin Name: Ninja Forms
|
4 |
Plugin URI: http://ninjaforms.com/
|
5 |
Description: Ninja Forms is a webform builder with unparalleled ease of use and features.
|
6 |
+
Version: 3.3.21.2
|
7 |
Author: The WP Ninjas
|
8 |
Author URI: http://ninjaforms.com
|
9 |
Text Domain: ninja-forms
|
57 |
/**
|
58 |
* @since 3.0
|
59 |
*/
|
60 |
+
const VERSION = '3.3.21.2';
|
61 |
|
62 |
const WP_MIN_VERSION = '4.8';
|
63 |
|
readme.txt
CHANGED
@@ -3,7 +3,7 @@ Contributors: wpninjasllc, kstover, jameslaws, kbjohnson90, klhall1987, krmoorho
|
|
3 |
Tags: form, forms, contact form, custom form, form builder, form creator, form manager, form creation, contact forms, custom forms, forms builder, forms creator, forms manager, forms creation, form administration,
|
4 |
Requires at least: 4.8
|
5 |
Tested up to: 5.0
|
6 |
-
Stable tag: 3.3.21.
|
7 |
License: GPLv2 or later
|
8 |
|
9 |
Drag and drop fields in an intuitive UI to create contact forms, email subscription forms, order forms, payment forms, send emails and more!
|
@@ -111,21 +111,19 @@ For help and video tutorials, please visit our website: [Ninja Forms Documentati
|
|
111 |
|
112 |
== Upgrade Notice ==
|
113 |
|
114 |
-
= 3.3.21.
|
115 |
|
116 |
*Security:*
|
117 |
|
118 |
-
* Patched a
|
119 |
|
120 |
-
|
121 |
|
122 |
-
|
123 |
|
124 |
-
*
|
125 |
-
|
126 |
-
* Product and quantity field merge tags can no longer be referenced in calculations.
|
127 |
|
128 |
-
|
129 |
|
130 |
= 3.3.21.1 (3 January 2019) =
|
131 |
|
@@ -137,7 +135,7 @@ For help and video tutorials, please visit our website: [Ninja Forms Documentati
|
|
137 |
|
138 |
*Bugs:*
|
139 |
|
140 |
-
* Resolved an issue that caused our Gutenberg Block to not dispaly in the post editor when the Twenty
|
141 |
|
142 |
*Changes:*
|
143 |
|
3 |
Tags: form, forms, contact form, custom form, form builder, form creator, form manager, form creation, contact forms, custom forms, forms builder, forms creator, forms manager, forms creation, form administration,
|
4 |
Requires at least: 4.8
|
5 |
Tested up to: 5.0
|
6 |
+
Stable tag: 3.3.21.2
|
7 |
License: GPLv2 or later
|
8 |
|
9 |
Drag and drop fields in an intuitive UI to create contact forms, email subscription forms, order forms, payment forms, send emails and more!
|
111 |
|
112 |
== Upgrade Notice ==
|
113 |
|
114 |
+
= 3.3.21.2 (7 January 2019) =
|
115 |
|
116 |
*Security:*
|
117 |
|
118 |
+
* Patched a blind SQL injection vulnerability in the search filter on our submissions page. Thank you to Samuel Anttila at netsec.expert for practicing responsible disclosure.
|
119 |
|
120 |
+
== Changelog ==
|
121 |
|
122 |
+
= 3.3.21.2 (7 January 2019) =
|
123 |
|
124 |
+
*Security:*
|
|
|
|
|
125 |
|
126 |
+
* Patched a blind SQL injection vulnerability in the search filter on our submissions page. Thank you to Samuel Anttila at netsec.expert for practicing responsible disclosure.
|
127 |
|
128 |
= 3.3.21.1 (3 January 2019) =
|
129 |
|
135 |
|
136 |
*Bugs:*
|
137 |
|
138 |
+
* Resolved an issue that caused our Gutenberg Block to not dispaly in the post editor when the Twenty Nineteen theme is active.
|
139 |
|
140 |
*Changes:*
|
141 |
|