Version Description
Download this release
Release Info
| Developer | Acunetix |
| Plugin |  Acunetix Secure WordPress |
| Version | trunk |
| Comparing to | |
| See all releases | |
Code changes from version 3.0 to trunk
- index.php +2 -2
- readme.txt +13 -2
- res/inc/SwpaLiveTraffic.php +2 -2
- res/pages/tpl/box-database-backup.php +4 -1
- swpa-settings.php +1 -1
index.php
CHANGED
|
@@ -3,13 +3,13 @@
|
|
| 3 |
Plugin Name: Acunetix Secure WordPress
|
| 4 |
Plugin URI: http://www.acunetix.com/websitesecurity/wordpress-security-plugin/
|
| 5 |
Description: The Acunetix Secure WordPress plugin is the ultimate must-have tool when it comes to WordPress security. The plugin is free and monitors your website for security weaknesses that hackers might exploit and tells you how to easily fix them.
|
| 6 |
-
Version: 3.0.
|
| 7 |
Author: Acunetix
|
| 8 |
Author URI: http://www.acunetix.com/
|
| 9 |
License: GPLv2 or later
|
| 10 |
Text Domain: WSDWP_SECURITY
|
| 11 |
Domain Path: /languages
|
| 12 |
-
|
| 13 |
define('SWPA_PLUGIN_PREFIX', 'swpa_');
|
| 14 |
define('SWPA_PLUGIN_NAME', 'Acunetix Secure WordPress');
|
| 15 |
define('SWPA_PLUGIN_URL', trailingslashit(plugins_url('', __FILE__)));
|
| 3 |
Plugin Name: Acunetix Secure WordPress
|
| 4 |
Plugin URI: http://www.acunetix.com/websitesecurity/wordpress-security-plugin/
|
| 5 |
Description: The Acunetix Secure WordPress plugin is the ultimate must-have tool when it comes to WordPress security. The plugin is free and monitors your website for security weaknesses that hackers might exploit and tells you how to easily fix them.
|
| 6 |
+
Version: 3.0.4
|
| 7 |
Author: Acunetix
|
| 8 |
Author URI: http://www.acunetix.com/
|
| 9 |
License: GPLv2 or later
|
| 10 |
Text Domain: WSDWP_SECURITY
|
| 11 |
Domain Path: /languages
|
| 12 |
+
*/
|
| 13 |
define('SWPA_PLUGIN_PREFIX', 'swpa_');
|
| 14 |
define('SWPA_PLUGIN_NAME', 'Acunetix Secure WordPress');
|
| 15 |
define('SWPA_PLUGIN_URL', trailingslashit(plugins_url('', __FILE__)));
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Contributors: Acunetix
|
|
| 4 |
Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts,
|
| 5 |
plugins, private, protection, tracking, wordpress
|
| 6 |
Requires at least: 3.0
|
| 7 |
-
Tested up to:
|
| 8 |
Stable tag: trunk
|
| 9 |
|
| 10 |
Scans your WordPress installation for security vulnerabilities.
|
|
@@ -146,6 +146,18 @@ on the <a href="http://wordpress.org/support/plugin/secure-wordpress" target="_b
|
|
| 146 |
|
| 147 |
== Changelog ==
|
| 148 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 149 |
= 3.0.0 =
|
| 150 |
* Complete core update
|
| 151 |
* Added live traffic functionality
|
|
@@ -154,7 +166,6 @@ on the <a href="http://wordpress.org/support/plugin/secure-wordpress" target="_b
|
|
| 154 |
* Security settings are now configurable
|
| 155 |
* Removed all languages
|
| 156 |
|
| 157 |
-
|
| 158 |
= v2.0.8 =
|
| 159 |
* Removed the registration requirement
|
| 160 |
|
| 4 |
Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts,
|
| 5 |
plugins, private, protection, tracking, wordpress
|
| 6 |
Requires at least: 3.0
|
| 7 |
+
Tested up to: 4.2
|
| 8 |
Stable tag: trunk
|
| 9 |
|
| 10 |
Scans your WordPress installation for security vulnerabilities.
|
| 146 |
|
| 147 |
== Changelog ==
|
| 148 |
|
| 149 |
+
= 3.0.4 =
|
| 150 |
+
* Fixed XSS issue
|
| 151 |
+
|
| 152 |
+
= 3.0.3 =
|
| 153 |
+
* Added CSRF prevention mechanism
|
| 154 |
+
|
| 155 |
+
= 3.0.2 =
|
| 156 |
+
* Add support for WordPress 4.0
|
| 157 |
+
|
| 158 |
+
= 3.0.1 =
|
| 159 |
+
* Added the missing files
|
| 160 |
+
|
| 161 |
= 3.0.0 =
|
| 162 |
* Complete core update
|
| 163 |
* Added live traffic functionality
|
| 166 |
* Security settings are now configurable
|
| 167 |
* Removed all languages
|
| 168 |
|
|
|
|
| 169 |
= v2.0.8 =
|
| 170 |
* Removed the registration requirement
|
| 171 |
|
res/inc/SwpaLiveTraffic.php
CHANGED
|
@@ -195,8 +195,8 @@ class SwpaLiveTraffic
|
|
| 195 |
//@todo: add geo-location + flag
|
| 196 |
|
| 197 |
$result['data'] .= '<p><span class="w-ip">'.$entry->entryIp . '</span> ';
|
| 198 |
-
$rurl = urldecode($entry->entryRequestedUrl);
|
| 199 |
-
$result['data'] .= $ref.' '.__('requested').' <span class="w-entry"><a href="'.$rurl.'" target="_blank" '.$title.'>'
|
| 200 |
$result['data'] .= '<p><strong>'.__('Date').'</strong>: <span class="w-date">'.$entry->entryTime.'</span></p>';
|
| 201 |
$result['data'] .= '<p><strong>'.__('Agent').'</strong>: <span class="w-ua">'.htmlentities($entry->entryUA,ENT_QUOTES).'</span></p>';
|
| 202 |
$result['data'] .= '</div>';
|
| 195 |
//@todo: add geo-location + flag
|
| 196 |
|
| 197 |
$result['data'] .= '<p><span class="w-ip">'.$entry->entryIp . '</span> ';
|
| 198 |
+
$rurl = htmlentities(urldecode($entry->entryRequestedUrl), ENT_QUOTES);
|
| 199 |
+
$result['data'] .= $ref.' '.__('requested').' <span class="w-entry"><a href="'.$rurl.'" target="_blank" '.$title.'>'.$rurl.'</a></span></p>';
|
| 200 |
$result['data'] .= '<p><strong>'.__('Date').'</strong>: <span class="w-date">'.$entry->entryTime.'</span></p>';
|
| 201 |
$result['data'] .= '<p><strong>'.__('Agent').'</strong>: <span class="w-ua">'.htmlentities($entry->entryUA,ENT_QUOTES).'</span></p>';
|
| 202 |
$result['data'] .= '</div>';
|
res/pages/tpl/box-database-backup.php
CHANGED
|
@@ -24,7 +24,9 @@ if (is_dir($wsd_bckDirPath) && is_writable($wsd_bckDirPath)) :
|
|
| 24 |
{
|
| 25 |
if (isset($_POST['wsd_db_backup']))
|
| 26 |
{
|
| 27 |
-
|
|
|
|
|
|
|
| 28 |
if ('' <> ($fname = SwpaUtil::backupDatabase())) {
|
| 29 |
echo '<p class="acx-info-box">';
|
| 30 |
echo '<span>',__('Database successfully backed up!'),'</span>';
|
|
@@ -43,6 +45,7 @@ if (is_dir($wsd_bckDirPath) && is_writable($wsd_bckDirPath)) :
|
|
| 43 |
?>
|
| 44 |
<div class="acx-section-box">
|
| 45 |
<form action="#bckdb" method="post">
|
|
|
|
| 46 |
<input type="hidden" name="wsd_db_backup"/>
|
| 47 |
<input type="submit" class="button-primary" name="backupDatabaseButton" value="<?php echo __('Backup now!');?>"/>
|
| 48 |
</form>
|
| 24 |
{
|
| 25 |
if (isset($_POST['wsd_db_backup']))
|
| 26 |
{
|
| 27 |
+
if (function_exists('wp_nonce_field')) {
|
| 28 |
+
check_admin_referer('swp-backup-database-nonce');
|
| 29 |
+
}
|
| 30 |
if ('' <> ($fname = SwpaUtil::backupDatabase())) {
|
| 31 |
echo '<p class="acx-info-box">';
|
| 32 |
echo '<span>',__('Database successfully backed up!'),'</span>';
|
| 45 |
?>
|
| 46 |
<div class="acx-section-box">
|
| 47 |
<form action="#bckdb" method="post">
|
| 48 |
+
<?php if (function_exists('wp_nonce_field')) { wp_nonce_field('swp-backup-database-nonce'); } ?>
|
| 49 |
<input type="hidden" name="wsd_db_backup"/>
|
| 50 |
<input type="submit" class="button-primary" name="backupDatabaseButton" value="<?php echo __('Backup now!');?>"/>
|
| 51 |
</form>
|
swpa-settings.php
CHANGED
|
@@ -37,7 +37,7 @@ define('SWPA_PLUGIN_SETTINGS_OPTION_NAME', 'wsdplugin_settings');
|
|
| 37 |
/**
|
| 38 |
* Set the path to the WebsiteDefender.com feed
|
| 39 |
*/
|
| 40 |
-
define('SWPA_PLUGIN_BLOG_FEED','http://
|
| 41 |
|
| 42 |
/**
|
| 43 |
* Sets the list of files to check for permissions
|
| 37 |
/**
|
| 38 |
* Set the path to the WebsiteDefender.com feed
|
| 39 |
*/
|
| 40 |
+
define('SWPA_PLUGIN_BLOG_FEED','http://feeds.acunetix.com/acunetixwebapplicationsecurityblog');
|
| 41 |
|
| 42 |
/**
|
| 43 |
* Sets the list of files to check for permissions
|
