Version Description
- Fix xss vulnerability when adding Polldaddy links to post content
Download this release
Release Info
| Developer | panosktn |
| Plugin |  Crowdsignal Dashboard – Polls, Surveys & more |
| Version | 2.0.32 |
| Comparing to | |
| See all releases | |
Code changes from version 2.0.31 to 2.0.32
- polldaddy-org.php +10 -1
- polldaddy.php +1 -1
- readme.txt +5 -2
polldaddy-org.php
CHANGED
|
@@ -924,7 +924,16 @@ new PolldaddyShortcode();
|
|
| 924 |
if ( !function_exists( 'polldaddy_link' ) ) {
|
| 925 |
// http://polldaddy.com/poll/1562975/?view=results&msg=voted
|
| 926 |
function polldaddy_link( $content ) {
|
| 927 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 928 |
}
|
| 929 |
|
| 930 |
// higher priority because we need it before auto-link and autop get to it
|
| 924 |
if ( !function_exists( 'polldaddy_link' ) ) {
|
| 925 |
// http://polldaddy.com/poll/1562975/?view=results&msg=voted
|
| 926 |
function polldaddy_link( $content ) {
|
| 927 |
+
if ( false === strpos( $content, "polldaddy.com/" ) )
|
| 928 |
+
return $content;
|
| 929 |
+
$textarr = wp_html_split( $content );
|
| 930 |
+
unset( $content );
|
| 931 |
+
foreach( $textarr as &$element ) {
|
| 932 |
+
if ( '' === $element || '<' === $element{0} )
|
| 933 |
+
continue;
|
| 934 |
+
$element = preg_replace( '!(?:\n|\A)http://polldaddy.com/poll/([0-9]+?)/(.+)?(?:\n|\Z)!i', "\n<script type='text/javascript' charset='utf-8' src='//static.polldaddy.com/p/$1.js'></script><noscript> <a href='http://polldaddy.com/poll/$1/'>View Poll</a></noscript>\n", $element );
|
| 935 |
+
}
|
| 936 |
+
return join( $textarr );
|
| 937 |
}
|
| 938 |
|
| 939 |
// higher priority because we need it before auto-link and autop get to it
|
polldaddy.php
CHANGED
|
@@ -6,7 +6,7 @@ Plugin URI: http://wordpress.org/extend/plugins/polldaddy/
|
|
| 6 |
Description: Create and manage Polldaddy polls and ratings in WordPress
|
| 7 |
Author: Automattic, Inc.
|
| 8 |
Author URL: http://polldaddy.com/
|
| 9 |
-
Version: 2.0.
|
| 10 |
*/
|
| 11 |
|
| 12 |
// You can hardcode your Polldaddy PartnerGUID (API Key) here
|
| 6 |
Description: Create and manage Polldaddy polls and ratings in WordPress
|
| 7 |
Author: Automattic, Inc.
|
| 8 |
Author URL: http://polldaddy.com/
|
| 9 |
+
Version: 2.0.32
|
| 10 |
*/
|
| 11 |
|
| 12 |
// You can hardcode your Polldaddy PartnerGUID (API Key) here
|
readme.txt
CHANGED
|
@@ -1,9 +1,9 @@
|
|
| 1 |
=== Polldaddy Polls & Ratings ===
|
| 2 |
-
Contributors: eoigal, mdawaffe, donncha, johnny5
|
| 3 |
Tags: polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
|
| 4 |
Requires at least: 3.3
|
| 5 |
Tested up to: 4.5.2
|
| 6 |
-
Stable tag: 2.0.
|
| 7 |
|
| 8 |
Create and manage Polldaddy polls and ratings from within WordPress.
|
| 9 |
|
|
@@ -120,6 +120,9 @@ Fixed the "top ratings" widget on secure sites
|
|
| 120 |
|
| 121 |
== Changelog ==
|
| 122 |
|
|
|
|
|
|
|
|
|
|
| 123 |
= 2.0.31 =
|
| 124 |
* Fixed the "top ratings" widget on secure sites
|
| 125 |
|
| 1 |
=== Polldaddy Polls & Ratings ===
|
| 2 |
+
Contributors: eoigal, mdawaffe, donncha, johnny5, panosktn
|
| 3 |
Tags: polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
|
| 4 |
Requires at least: 3.3
|
| 5 |
Tested up to: 4.5.2
|
| 6 |
+
Stable tag: 2.0.32
|
| 7 |
|
| 8 |
Create and manage Polldaddy polls and ratings from within WordPress.
|
| 9 |
|
| 120 |
|
| 121 |
== Changelog ==
|
| 122 |
|
| 123 |
+
= 2.0.32 =
|
| 124 |
+
* Fix xss vulnerability when adding Polldaddy links to post content
|
| 125 |
+
|
| 126 |
= 2.0.31 =
|
| 127 |
* Fixed the "top ratings" widget on secure sites
|
| 128 |
|
