WordPress Social Sharing Plugin – Sassy Social Share - Version 3.3.4

Version Description

[6 November 2019] = [Bugfix] Fixed XSS vulnerability on "heateor_sss_sharing_count" AJAX action

Download this release

Release Info

Developer Heateor
Plugin Icon 128x128 WordPress Social Sharing Plugin – Sassy Social Share
Version 3.3.4
Comparing to
See all releases

Code changes from version 3.3.3 to 3.3.4

Files changed (3) hide show
  1. public/class-sassy-social-share-public.php +2 -1
  2. readme.txt +9 -3
  3. sassy-social-share.php +2 -2
public/class-sassy-social-share-public.php CHANGED
@@ -1511,6 +1511,7 @@ class Sassy_Social_Share_Public {
1511
  private function ajax_response( $response ) {
1512
 
1513
  $response = apply_filters( 'heateor_sss_ajax_response_filter', $response );
 
1514
  die( json_encode( $response ) );
1515
 
1516
  }
@@ -1540,7 +1541,7 @@ class Sassy_Social_Share_Public {
1540
  if ( isset( $_GET['urls'] ) && count( $_GET['urls'] ) > 0 ) {
1541
  $target_urls = array_unique( $_GET['urls'] );
1542
  foreach ( $target_urls as $k => $v ) {
1543
- $target_urls[$k] = esc_attr( $v );
1544
  }
1545
  } else {
1546
  $this->ajax_response( array( 'status' => 0, 'message' => __( 'Invalid request' ) ) );
1511
  private function ajax_response( $response ) {
1512
 
1513
  $response = apply_filters( 'heateor_sss_ajax_response_filter', $response );
1514
+ header( 'Content-Type: application/json' );
1515
  die( json_encode( $response ) );
1516
 
1517
  }
1541
  if ( isset( $_GET['urls'] ) && count( $_GET['urls'] ) > 0 ) {
1542
  $target_urls = array_unique( $_GET['urls'] );
1543
  foreach ( $target_urls as $k => $v ) {
1544
+ $target_urls[esc_attr( $k )] = esc_attr( $v );
1545
  }
1546
  } else {
1547
  $this->ajax_response( array( 'status' => 0, 'message' => __( 'Invalid request' ) ) );
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: Heateor, jatin8heateor, farhan8heateor
3
  Donate link: https://www.heateor.com/donate/?action=Sassy+Social+Share
4
  Tags: social share, social sharing, social media share, share facebook, facebook social share, wordpress social share, share buttons, social share buttons, facebook like, twitter tweet, whatsapp share, line share
5
  Requires at least: 2.5.0
6
- Tested up to: 5.2.4
7
- Stable tag: 3.3.3
8
  License: GPLv2 or later
9
 
10
  Slickest, Simplest and Optimized Share buttons. Facebook, Twitter, Reddit, Pinterest, WhatsApp and over 100 more.
@@ -123,6 +123,9 @@ Yes, we can help you with it. Just drop an email at support[at]heateor[dot]com
123
  4. **Universal Sharing Popup**: Universal Sharing popup having all the supported sharing and bookmarking services
124
 
125
  == Changelog ==
 
 
 
126
  = 3.3.3 [26 October 2019] =
127
  [Bugfix] Changing Alignment of floating follow icons was not changing the label of offset option right below that in "Sassy Social Share - Follow Icons" widget
128
 
@@ -835,4 +838,7 @@ Yes, we can help you with it. Just drop an email at support[at]heateor[dot]com
835
  [Bugfix] Custom theme for Social Media Follow icons was not working for Instagram icon, if multi-colored background was enabled
836
 
837
  = 3.3.3 [26 October 2019] =
838
- [Bugfix] Changing Alignment of floating follow icons was not changing the label of offset option right below that in "Sassy Social Share - Follow Icons" widget
 
 
 
3
  Donate link: https://www.heateor.com/donate/?action=Sassy+Social+Share
4
  Tags: social share, social sharing, social media share, share facebook, facebook social share, wordpress social share, share buttons, social share buttons, facebook like, twitter tweet, whatsapp share, line share
5
  Requires at least: 2.5.0
6
+ Tested up to: 5.3
7
+ Stable tag: 3.3.4
8
  License: GPLv2 or later
9
 
10
  Slickest, Simplest and Optimized Share buttons. Facebook, Twitter, Reddit, Pinterest, WhatsApp and over 100 more.
123
  4. **Universal Sharing Popup**: Universal Sharing popup having all the supported sharing and bookmarking services
124
 
125
  == Changelog ==
126
+ = 3.3.4 [6 November 2019] =
127
+ [Bugfix] Fixed XSS vulnerability on "heateor_sss_sharing_count" AJAX action
128
+
129
  = 3.3.3 [26 October 2019] =
130
  [Bugfix] Changing Alignment of floating follow icons was not changing the label of offset option right below that in "Sassy Social Share - Follow Icons" widget
131
 
838
  [Bugfix] Custom theme for Social Media Follow icons was not working for Instagram icon, if multi-colored background was enabled
839
 
840
  = 3.3.3 [26 October 2019] =
841
+ [Bugfix] Changing Alignment of floating follow icons was not changing the label of offset option right below that in "Sassy Social Share - Follow Icons" widget
842
+
843
+ = 3.3.4 [6 November 2019] =
844
+ [Bugfix] Fixed XSS vulnerability on "heateor_sss_sharing_count" AJAX action
sassy-social-share.php CHANGED
@@ -7,7 +7,7 @@
7
  * Plugin Name: Sassy Social Share
8
  * Plugin URI: https://www.heateor.com
9
  * Description: Slickest, Simplest and Optimized Share buttons. Facebook, Twitter, Reddit, Pinterest, WhatsApp and over 100 more
10
- * Version: 3.3.3
11
  * Author: Team Heateor
12
  * Author URI: https://www.heateor.com
13
  * Text Domain: sassy-social-share
@@ -21,7 +21,7 @@ if ( ! defined( 'WPINC' ) ) {
21
  die;
22
  }
23
 
24
- define( 'HEATEOR_SSS_VERSION', '3.3.3' );
25
  define( 'HEATEOR_SSS_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
26
 
27
  // plugin core class object
7
  * Plugin Name: Sassy Social Share
8
  * Plugin URI: https://www.heateor.com
9
  * Description: Slickest, Simplest and Optimized Share buttons. Facebook, Twitter, Reddit, Pinterest, WhatsApp and over 100 more
10
+ * Version: 3.3.4
11
  * Author: Team Heateor
12
  * Author URI: https://www.heateor.com
13
  * Text Domain: sassy-social-share
21
  die;
22
  }
23
 
24
+ define( 'HEATEOR_SSS_VERSION', '3.3.4' );
25
  define( 'HEATEOR_SSS_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
26
 
27
  // plugin core class object