Permalink Manager Lite - Version 2.2.20.1

Version Description

(October 31, 2022) = * Fix - Security fix for BAC vulnerability found in the debug function that allowed unauthorized removal of single URIs

Download this release

Release Info

Developer mbis
Plugin Icon 128x128 Permalink Manager Lite
Version 2.2.20.1
Comparing to
See all releases

Code changes from version 2.2.20 to 2.2.20.1

Files changed (4) hide show
  1. README.txt +8 -5
  2. includes/core/permalink-manager-actions.php +16 -14
  3. includes/core/permalink-manager-core-functions.php +2 -2
  4. permalink-manager.php +2 -2
README.txt CHANGED
@@ -6,8 +6,8 @@ License URI: http://www.gnu.org/licenses/gpl-2.0.html
6
  Tags: permalinks, custom permalinks, permalink, woocommerce permalinks, url editor
7
  Requires at least: 4.4.0
8
  Requires PHP: 5.4
9
- Tested up to: 6.0.3
10
- Stable tag: 2.2.20
11
 
12
  Permalink Manager lets you customize the complete URL addresses of your posts, pages, custom post types, terms, and WooCommerce links with ease without touching any core files.
13
 
@@ -93,14 +93,17 @@ It is because Permalink Manager overwrites one of the core Wordpress functionali
93
 
94
  == Changelog ==
95
 
 
 
 
96
  = 2.2.20 (October 10, 2022) =
97
- * Fix - The URLs with duplicated slashes (eg. example.com/sample-page////) are now handled correctly and forwarded to the canonical URL.
98
  * Fix - The redirect problem was resolved with WPForo versions after 2.0.1
99
  * Dev - Improved compatibility with the WP All Import plugin functions
100
  * Dev - Improved compatibility with Polylang plugin
101
  * Dev - Better support for ACF Relationship fields
102
- * Dev - The plugin no longer (by default) supports custom post types & taxonomies that do not have the "query_var" and "rewrite" properties set
103
- * Enhancement - In "Exclude drafts" mode, the URI Editor field in the "Quick Edit" section becomes "read-only" for the "Draft" posts.
104
 
105
  = 2.2.19.3 (August 11, 2022) =
106
  * Dev - New filter added - 'permalink_manager_pre_sanitize_title'
6
  Tags: permalinks, custom permalinks, permalink, woocommerce permalinks, url editor
7
  Requires at least: 4.4.0
8
  Requires PHP: 5.4
9
+ Tested up to: 6.1.0
10
+ Stable tag: 2.2.20.1
11
 
12
  Permalink Manager lets you customize the complete URL addresses of your posts, pages, custom post types, terms, and WooCommerce links with ease without touching any core files.
13
 
93
 
94
  == Changelog ==
95
 
96
+ = 2.2.20.1 (October 31, 2022) =
97
+ * Fix - Security fix for BAC vulnerability found in the debug function that allowed unauthorized removal of single URIs
98
+
99
  = 2.2.20 (October 10, 2022) =
100
+ * Fix - The URLs with duplicated slashes (eg. example.com/sample-page////) are now handled correctly and forwarded to the canonical URL
101
  * Fix - The redirect problem was resolved with WPForo versions after 2.0.1
102
  * Dev - Improved compatibility with the WP All Import plugin functions
103
  * Dev - Improved compatibility with Polylang plugin
104
  * Dev - Better support for ACF Relationship fields
105
+ * Dev - The plugin no longer (by default) supports custom post types & taxonomies that do not have the "query_var" and "rewrite" properties
106
+ * Enhancement - In "Exclude drafts" mode, the URI Editor field in the "Quick Edit" section becomes "read-only" for the "Draft" posts
107
 
108
  = 2.2.19.3 (August 11, 2022) =
109
  * Dev - New filter added - 'permalink_manager_pre_sanitize_title'
includes/core/permalink-manager-actions.php CHANGED
@@ -285,19 +285,21 @@ class Permalink_Manager_Actions extends Permalink_Manager_Class {
285
  * Additional actions
286
  */
287
  public static function extra_actions() {
288
- if(isset($_GET['flush_sitemaps'])) {
289
- self::flush_sitemaps();
290
- } else if(isset($_GET['clear-permalink-manager-uris'])) {
291
- self::clear_all_uris();
292
- } else if(isset($_GET['remove-permalink-manager-settings'])) {
293
- $option_name = sanitize_text_field($_GET['remove-permalink-manager-settings']);
294
- self::remove_plugin_data($option_name);
295
- } else if(!empty($_REQUEST['remove-uri'])) {
296
- $uri_key = sanitize_text_field($_REQUEST['remove-uri']);
297
- self::force_clear_single_element_uris_and_redirects($uri_key);
298
- } else if(!empty($_REQUEST['remove-redirect'])) {
299
- $redirect_key = sanitize_text_field($_REQUEST['remove-redirect']);
300
- self::force_clear_single_redirect($redirect_key);
 
 
301
  } else if(!empty($_POST['screen-options-apply'])) {
302
  self::save_screen_options();
303
  }
@@ -307,7 +309,7 @@ class Permalink_Manager_Actions extends Permalink_Manager_Class {
307
  * Save "Screen Options"
308
  */
309
  public static function save_screen_options() {
310
- check_admin_referer( 'screen-options-nonce', 'screenoptionnonce' );
311
 
312
  // The values will be sanitized inside the function
313
  self::save_settings('screen-options', $_POST['screen-options']);
285
  * Additional actions
286
  */
287
  public static function extra_actions() {
288
+ if(current_user_can('manage_options')) {
289
+ if(isset($_GET['flush_sitemaps'])) {
290
+ self::flush_sitemaps();
291
+ } else if(isset($_GET['clear-permalink-manager-uris'])) {
292
+ self::clear_all_uris();
293
+ } else if(isset($_GET['remove-permalink-manager-settings'])) {
294
+ $option_name = sanitize_text_field($_GET['remove-permalink-manager-settings']);
295
+ self::remove_plugin_data($option_name);
296
+ } /*else if(!empty($_REQUEST['remove-uri'])) {
297
+ $uri_key = sanitize_text_field($_REQUEST['remove-uri']);
298
+ self::force_clear_single_element_uris_and_redirects($uri_key);
299
+ } else if(!empty($_REQUEST['remove-redirect'])) {
300
+ $redirect_key = sanitize_text_field($_REQUEST['remove-redirect']);
301
+ self::force_clear_single_redirect($redirect_key);
302
+ }*/
303
  } else if(!empty($_POST['screen-options-apply'])) {
304
  self::save_screen_options();
305
  }
309
  * Save "Screen Options"
310
  */
311
  public static function save_screen_options() {
312
+ check_admin_referer('screen-options-nonce', 'screenoptionnonce');
313
 
314
  // The values will be sanitized inside the function
315
  self::save_settings('screen-options', $_POST['screen-options']);
includes/core/permalink-manager-core-functions.php CHANGED
@@ -809,9 +809,9 @@ class Permalink_Manager_Core_Functions extends Permalink_Manager_Class {
809
 
810
  // Prevent redirect loop
811
  $rel_old_uri = wp_make_link_relative($old_uri);
812
- $rel_correct_permalink = wp_make_link_relative($correct_permalink);
813
 
814
- if($redirect_type === 'www_redirect' || $rel_old_uri !== $rel_correct_permalink) {
815
  wp_safe_redirect($correct_permalink, $redirect_mode, PERMALINK_MANAGER_PLUGIN_NAME);
816
  exit();
817
  }
809
 
810
  // Prevent redirect loop
811
  $rel_old_uri = wp_make_link_relative($old_uri);
812
+ $rel_new_uri = wp_make_link_relative($correct_permalink);
813
 
814
+ if($redirect_type === 'www_redirect' || $rel_old_uri !== $rel_new_uri) {
815
  wp_safe_redirect($correct_permalink, $redirect_mode, PERMALINK_MANAGER_PLUGIN_NAME);
816
  exit();
817
  }
permalink-manager.php CHANGED
@@ -4,7 +4,7 @@
4
  * Plugin Name: Permalink Manager Lite
5
  * Plugin URI: https://permalinkmanager.pro?utm_source=plugin
6
  * Description: Advanced plugin that allows to set-up custom permalinks (bulk editors included), slugs and permastructures (WooCommerce compatible).
7
- * Version: 2.2.20
8
  * Author: Maciej Bis
9
  * Author URI: http://maciejbis.net/
10
  * License: GPL-2.0+
@@ -25,7 +25,7 @@ if(!class_exists('Permalink_Manager_Class')) {
25
  // Define the directories used to load plugin files.
26
  define( 'PERMALINK_MANAGER_PLUGIN_NAME', 'Permalink Manager' );
27
  define( 'PERMALINK_MANAGER_PLUGIN_SLUG', 'permalink-manager' );
28
- define( 'PERMALINK_MANAGER_VERSION', '2.2.20' );
29
  define( 'PERMALINK_MANAGER_FILE', __FILE__ );
30
  define( 'PERMALINK_MANAGER_DIR', untrailingslashit(dirname(__FILE__)) );
31
  define( 'PERMALINK_MANAGER_BASENAME', plugin_basename(__FILE__));
4
  * Plugin Name: Permalink Manager Lite
5
  * Plugin URI: https://permalinkmanager.pro?utm_source=plugin
6
  * Description: Advanced plugin that allows to set-up custom permalinks (bulk editors included), slugs and permastructures (WooCommerce compatible).
7
+ * Version: 2.2.20.1
8
  * Author: Maciej Bis
9
  * Author URI: http://maciejbis.net/
10
  * License: GPL-2.0+
25
  // Define the directories used to load plugin files.
26
  define( 'PERMALINK_MANAGER_PLUGIN_NAME', 'Permalink Manager' );
27
  define( 'PERMALINK_MANAGER_PLUGIN_SLUG', 'permalink-manager' );
28
+ define( 'PERMALINK_MANAGER_VERSION', '2.2.20.1' );
29
  define( 'PERMALINK_MANAGER_FILE', __FILE__ );
30
  define( 'PERMALINK_MANAGER_DIR', untrailingslashit(dirname(__FILE__)) );
31
  define( 'PERMALINK_MANAGER_BASENAME', plugin_basename(__FILE__));