Version Description
- A security fix to remove a vunerability to SQL injection with the slide duplication function.
Download this release
Release Info
| Developer | simonpedge |
| Plugin |  Slide Anything – Responsive Content / HTML Slider and Carousel |
| Version | 2.3.41 |
| Comparing to | |
| See all releases | |
Code changes from version 2.3.40 to 2.3.41
- php/slide-anything-admin.php +6 -1
- readme.txt +6 -0
- slide-anything.php +1 -1
php/slide-anything-admin.php
CHANGED
|
@@ -3015,7 +3015,12 @@ function duplicate_sa_slider_post_as_draft() {
|
|
| 3015 |
$meta_key = $meta_info->meta_key;
|
| 3016 |
if ($meta_key == '_wp_old_slug') continue;
|
| 3017 |
$meta_value = addslashes($meta_info->meta_value);
|
| 3018 |
-
$sql_query_sel[]=
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3019 |
}
|
| 3020 |
$sql_query.= implode(" UNION ALL ", $sql_query_sel);
|
| 3021 |
$wpdb->query($sql_query);
|
| 3015 |
$meta_key = $meta_info->meta_key;
|
| 3016 |
if ($meta_key == '_wp_old_slug') continue;
|
| 3017 |
$meta_value = addslashes($meta_info->meta_value);
|
| 3018 |
+
$sql_query_sel[] = $wpdb->prepare(
|
| 3019 |
+
"SELECT %d, %s, $s",
|
| 3020 |
+
$new_post_id,
|
| 3021 |
+
$meta_key,
|
| 3022 |
+
$meta_value
|
| 3023 |
+
);
|
| 3024 |
}
|
| 3025 |
$sql_query.= implode(" UNION ALL ", $sql_query_sel);
|
| 3026 |
$wpdb->query($sql_query);
|
readme.txt
CHANGED
|
@@ -98,6 +98,9 @@ Adding a SLIDE ANYTHING slider using the WordPress 5.0 'Block Editor' is pretty
|
|
| 98 |
|
| 99 |
== Changelog ==
|
| 100 |
|
|
|
|
|
|
|
|
|
|
| 101 |
= 2.3.40 =
|
| 102 |
* Set the hover title text for slide links to an empty string (i.e. blank)
|
| 103 |
|
|
@@ -734,3 +737,6 @@ Adding a SLIDE ANYTHING slider using the WordPress 5.0 'Block Editor' is pretty
|
|
| 734 |
|
| 735 |
= 2.3.40 =
|
| 736 |
* Set the hover title text for slide links to an empty string (i.e. blank)
|
|
|
|
|
|
|
|
|
| 98 |
|
| 99 |
== Changelog ==
|
| 100 |
|
| 101 |
+
= 2.3.41 =
|
| 102 |
+
* A security fix to remove a vunerability to SQL injection with the slide duplication function.
|
| 103 |
+
|
| 104 |
= 2.3.40 =
|
| 105 |
* Set the hover title text for slide links to an empty string (i.e. blank)
|
| 106 |
|
| 737 |
|
| 738 |
= 2.3.40 =
|
| 739 |
* Set the hover title text for slide links to an empty string (i.e. blank)
|
| 740 |
+
|
| 741 |
+
= 2.3.41 =
|
| 742 |
+
* A security fix to remove a vunerability to SQL injection with the slide duplication function.
|
slide-anything.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
* Plugin URI: https://wordpress.org/plugins/slide-anything/
|
| 5 |
* Description: Slide Anything allows you to create a carousel/slider where the content for each slide can be anything you want - images, text, HTML, and even shortcodes. This plugin uses the Owl Carousel jQuery plugin, and lets you create beautiful, touch enabled, responsive carousels and sliders.
|
| 6 |
* Author: Simon Edge
|
| 7 |
-
* Version: 2.3.
|
| 8 |
* License: GPLv2 or later
|
| 9 |
*/
|
| 10 |
|
| 4 |
* Plugin URI: https://wordpress.org/plugins/slide-anything/
|
| 5 |
* Description: Slide Anything allows you to create a carousel/slider where the content for each slide can be anything you want - images, text, HTML, and even shortcodes. This plugin uses the Owl Carousel jQuery plugin, and lets you create beautiful, touch enabled, responsive carousels and sliders.
|
| 6 |
* Author: Simon Edge
|
| 7 |
+
* Version: 2.3.41
|
| 8 |
* License: GPLv2 or later
|
| 9 |
*/
|
| 10 |
|
