The Plus Addons for Elementor | FREE Elementor Widgets & Elementor Templates, Header Menu, Blog Post Builder, Dark Mode, Full-Page Scroll, Cross Domain Copy - Version 2.0.6

Version Description

Security Fix : Security error related to HTML tags validation (nearly identical to Elementor's Recent Patch) Fix : JS bug fix and improvements

Download this release

Release Info

Developer posimyththemes
Plugin Icon wp plugin The Plus Addons for Elementor | FREE Elementor Widgets & Elementor Templates, Header Menu, Blog Post Builder, Dark Mode, Full-Page Scroll, Cross Domain Copy
Version 2.0.6
Comparing to
See all releases

Code changes from version 2.0.5 to 2.0.6

Files changed (15) hide show
  1. includes/blog/post-meta-title.php +2 -2
  2. includes/client/post-meta-title.php +4 -3
  3. includes/gallery/meta-title.php +4 -3
  4. includes/plus_addon.php +26 -0
  5. includes/team-member/post-meta-title.php +4 -3
  6. includes/testimonial/post-meta-title.php +3 -2
  7. modules/helper-function.php +1 -0
  8. modules/widgets/tp_accordion.php +2 -2
  9. modules/widgets/tp_heading_animation.php +12 -12
  10. modules/widgets/tp_heading_title.php +3 -3
  11. modules/widgets/tp_hovercard.php +21 -21
  12. modules/widgets/tp_info_box.php +1 -1
  13. readme.txt +5 -1
  14. theplus_elementor_addon.php +13 -2
  15. widgets_loader.php +2 -6
includes/blog/post-meta-title.php CHANGED
@@ -4,6 +4,6 @@ if(!isset($post_title_tag) && empty($post_title_tag)){
4
  }
5
  $title_text=esc_html(get_the_title());
6
  ?>
7
- <<?php echo $post_title_tag; ?> class="post-title">
8
  <a href="<?php echo esc_url(get_the_permalink()); ?>"><?php echo $title_text; ?></a>
9
- </<?php echo $post_title_tag; ?>>
4
  }
5
  $title_text=esc_html(get_the_title());
6
  ?>
7
+ <<?php echo l_theplus_validate_html_tag($post_title_tag); ?> class="post-title">
8
  <a href="<?php echo esc_url(get_the_permalink()); ?>"><?php echo $title_text; ?></a>
9
+ </<?php echo l_theplus_validate_html_tag($post_title_tag); ?>>
includes/client/post-meta-title.php CHANGED
@@ -1,9 +1,10 @@
1
- <?php if(!isset($post_title_tag) && empty($post_title_tag)){
 
2
  $post_title_tag='h3';
3
  }
4
  $client_url = get_post_meta(get_the_id(), 'theplus_clients_url', true);
5
 
6
  ?>
7
- <<?php echo $post_title_tag; ?> class="post-title">
8
  <a href="<?php echo esc_url($client_url); ?>" target="_blank"><?php echo esc_html(get_the_title()); ?></a>
9
- </<?php echo $post_title_tag; ?>>
1
+ <?php
2
+ if(!isset($post_title_tag) && empty($post_title_tag)){
3
  $post_title_tag='h3';
4
  }
5
  $client_url = get_post_meta(get_the_id(), 'theplus_clients_url', true);
6
 
7
  ?>
8
+ <<?php echo l_theplus_validate_html_tag($post_title_tag); ?> class="post-title">
9
  <a href="<?php echo esc_url($client_url); ?>" target="_blank"><?php echo esc_html(get_the_title()); ?></a>
10
+ </<?php echo l_theplus_validate_html_tag($post_title_tag); ?>>
includes/gallery/meta-title.php CHANGED
@@ -1,11 +1,12 @@
1
- <?php if(!isset($post_title_tag) && empty($post_title_tag)){
 
2
  $post_title_tag='h3';
3
  } ?>
4
- <<?php echo $post_title_tag; ?> class="post-title">
5
  <?php
6
  if($popup_style!='no'){ ?>
7
  <a href="<?php echo esc_url($full_image); ?>" <?php echo $popup_attr; ?>><?php echo esc_html($title); ?></a>
8
  <?php }else{
9
  echo esc_html($title);
10
  } ?>
11
- </<?php echo $post_title_tag; ?>>
1
+ <?php
2
+ if(!isset($post_title_tag) && empty($post_title_tag)){
3
  $post_title_tag='h3';
4
  } ?>
5
+ <<?php echo l_theplus_validate_html_tag($post_title_tag); ?> class="post-title">
6
  <?php
7
  if($popup_style!='no'){ ?>
8
  <a href="<?php echo esc_url($full_image); ?>" <?php echo $popup_attr; ?>><?php echo esc_html($title); ?></a>
9
  <?php }else{
10
  echo esc_html($title);
11
  } ?>
12
+ </<?php echo l_theplus_validate_html_tag($post_title_tag); ?>>
includes/plus_addon.php CHANGED
@@ -5,6 +5,32 @@
5
 
6
  add_image_size( 'tp-image-grid', 700, 700, true);
7
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
8
  /*panel start*/
9
  function theplus_free_import_data_content(){
10
  echo '<div class="tp-pro-note-title"><p>Collection of 18+ Full page Templates, All PlusWidget Pages, All PlusListing Pages, All PlusExtras Pages, and 300+ Special UI Blocks with our pro version.</p></div>
5
 
6
  add_image_size( 'tp-image-grid', 700, 700, true);
7
 
8
+ // Check Html Tag
9
+ function l_theplus_html_tag_check(){
10
+ return [ 'div',
11
+ 'h1',
12
+ 'h2',
13
+ 'h3',
14
+ 'h4',
15
+ 'h5',
16
+ 'h6',
17
+ 'span',
18
+ 'p',
19
+ 'header',
20
+ 'footer',
21
+ 'article',
22
+ 'aside',
23
+ 'main',
24
+ 'nav',
25
+ 'section',
26
+ ];
27
+ }
28
+
29
+ function l_theplus_validate_html_tag( $check_tag ) {
30
+ return in_array( strtolower( $check_tag ), l_theplus_html_tag_check() ) ? $check_tag : 'div';
31
+ }
32
+
33
+
34
  /*panel start*/
35
  function theplus_free_import_data_content(){
36
  echo '<div class="tp-pro-note-title"><p>Collection of 18+ Full page Templates, All PlusWidget Pages, All PlusListing Pages, All PlusExtras Pages, and 300+ Special UI Blocks with our pro version.</p></div>
includes/team-member/post-meta-title.php CHANGED
@@ -1,6 +1,7 @@
1
- <?php if(!isset($post_title_tag) && empty($post_title_tag)){
 
2
  $post_title_tag='h3';
3
  } ?>
4
- <<?php echo $post_title_tag; ?> class="post-title">
5
  <a href="<?php echo esc_url(get_the_permalink()); ?>"><?php echo esc_html(get_the_title()); ?></a>
6
- </<?php echo $post_title_tag; ?>>
1
+ <?php
2
+ if(!isset($post_title_tag) && empty($post_title_tag)){
3
  $post_title_tag='h3';
4
  } ?>
5
+ <<?php echo l_theplus_validate_html_tag($post_title_tag); ?> class="post-title">
6
  <a href="<?php echo esc_url(get_the_permalink()); ?>"><?php echo esc_html(get_the_title()); ?></a>
7
+ </<?php echo l_theplus_validate_html_tag($post_title_tag); ?>>
includes/testimonial/post-meta-title.php CHANGED
@@ -1,9 +1,10 @@
1
- <?php $testimonial_title = get_post_meta(get_the_id(), 'theplus_testimonial_title', true);
 
2
 
3
  if(empty($post_title_tag)){
4
  $post_title_tag='h3';
5
  }
6
 
7
  if(!empty($testimonial_title)){ ?>
8
- <<?php echo $post_title_tag; ?> class="testimonial-author-title"><?php echo esc_html($testimonial_title); ?></<?php echo $post_title_tag; ?>>
9
  <?php } ?>
1
+ <?php
2
+ $testimonial_title = get_post_meta(get_the_id(), 'theplus_testimonial_title', true);
3
 
4
  if(empty($post_title_tag)){
5
  $post_title_tag='h3';
6
  }
7
 
8
  if(!empty($testimonial_title)){ ?>
9
+ <<?php echo l_theplus_validate_html_tag($post_title_tag); ?> class="testimonial-author-title"><?php echo esc_html($testimonial_title); ?></<?php echo l_theplus_validate_html_tag($post_title_tag); ?>>
10
  <?php } ?>
modules/helper-function.php CHANGED
@@ -1,6 +1,7 @@
1
  <?php
2
  namespace TheplusAddons\Widgets;
3
  use TheplusAddons\L_Theplus_Element_Load;
 
4
  // Get Elementor Template
5
  function l_theplus_get_templates() {
6
  $templates = L_Theplus_Element_Load::elementor()->templates_manager->get_source( 'local' )->get_items();
1
  <?php
2
  namespace TheplusAddons\Widgets;
3
  use TheplusAddons\L_Theplus_Element_Load;
4
+
5
  // Get Elementor Template
6
  function l_theplus_get_templates() {
7
  $templates = L_Theplus_Element_Load::elementor()->templates_manager->get_source( 'local' )->get_items();
modules/widgets/tp_accordion.php CHANGED
@@ -1078,7 +1078,7 @@ class L_ThePlus_Accordion extends Widget_Base {
1078
  $accordion_toggle_icon='';
1079
  ?>
1080
  <div class="theplus-accordion-item">
1081
- <<?php echo $settings['title_html_tag']; ?> <?php echo $this->get_render_attribute_string( $tab_title_setting_key ); ?>>
1082
  <?php if ( $settings['display_icon']=='yes' ) : ?>
1083
  <?php
1084
  if($settings['icon_style']=='font_awesome'){
@@ -1118,7 +1118,7 @@ class L_ThePlus_Accordion extends Widget_Base {
1118
  <?php if(!empty($settings['icon_align']) && $settings['icon_align']=='right'){
1119
  echo $accordion_toggle_icon;
1120
  } ?>
1121
- </<?php echo $settings['title_html_tag']; ?>>
1122
 
1123
  <?php if(($item['content_source']=='content' && !empty($item['tab_content']))){ ?>
1124
  <div <?php echo $this->get_render_attribute_string( $tab_content_setting_key ); ?>>
1078
  $accordion_toggle_icon='';
1079
  ?>
1080
  <div class="theplus-accordion-item">
1081
+ <<?php echo l_theplus_validate_html_tag($settings['title_html_tag']); ?> <?php echo $this->get_render_attribute_string( $tab_title_setting_key ); ?>>
1082
  <?php if ( $settings['display_icon']=='yes' ) : ?>
1083
  <?php
1084
  if($settings['icon_style']=='font_awesome'){
1118
  <?php if(!empty($settings['icon_align']) && $settings['icon_align']=='right'){
1119
  echo $accordion_toggle_icon;
1120
  } ?>
1121
+ </<?php echo l_theplus_validate_html_tag($settings['title_html_tag']); ?>>
1122
 
1123
  <?php if(($item['content_source']=='content' && !empty($item['tab_content']))){ ?>
1124
  <div <?php echo $this->get_render_attribute_string( $tab_content_setting_key ); ?>>
modules/widgets/tp_heading_animation.php CHANGED
@@ -419,7 +419,7 @@ class L_ThePlus_Heading_Animation extends Widget_Base {
419
  $heading_animation ='<div class="pt-plus-heading-animation heading-animation head-anim-'.esc_attr($anim_styles).' '.esc_attr($animated_class).' '.esc_attr($uid).'" '.$animation_attr.'>';
420
 
421
  if ($anim_styles == 'style-1') {
422
- $heading_animation .='<'.$ani_title_tag.' class="pt-plus-cd-headline letters type" >';
423
  if($prefix != ''){
424
  $heading_animation .='<span >'.$prefix.' </span>';
425
  }
@@ -449,10 +449,10 @@ class L_ThePlus_Heading_Animation extends Widget_Base {
449
  if($postfix != ''){
450
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
451
  }
452
- $heading_animation .='</'.$ani_title_tag.'>';
453
  }
454
  if ($anim_styles == 'style-2') {
455
- $heading_animation .='<'.$ani_title_tag.' class="pt-plus-cd-headline rotate-1" >';
456
  if($prefix != ''){
457
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
458
  }
@@ -481,10 +481,10 @@ class L_ThePlus_Heading_Animation extends Widget_Base {
481
  if($postfix != ''){
482
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
483
  }
484
- $heading_animation .='</'.$ani_title_tag.'>';
485
  }
486
  if ($anim_styles == 'style-3') {
487
- $heading_animation .='<'.$ani_title_tag.' class="pt-plus-cd-headline zoom" >';
488
  if($prefix != ''){
489
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
490
  }
@@ -514,10 +514,10 @@ class L_ThePlus_Heading_Animation extends Widget_Base {
514
  if($postfix != ''){
515
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
516
  }
517
- $heading_animation .='</'.$ani_title_tag.'>';
518
  }
519
  if ($anim_styles == 'style-4') {
520
- $heading_animation .='<'.$ani_title_tag.' class="pt-plus-cd-headline loading-bar " >';
521
  if($prefix != ''){
522
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
523
  }
@@ -547,10 +547,10 @@ class L_ThePlus_Heading_Animation extends Widget_Base {
547
  if($postfix != ''){
548
  $heading_animation .='<span > '.esc_html($postfix).'</span>';
549
  }
550
- $heading_animation .='</'.$ani_title_tag.'>';
551
  }
552
  if ($anim_styles == 'style-5') {
553
- $heading_animation .='<'.$ani_title_tag.' class="pt-plus-cd-headline push" >';
554
  if($prefix != ''){
555
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
556
  }
@@ -580,10 +580,10 @@ class L_ThePlus_Heading_Animation extends Widget_Base {
580
  if($postfix != ''){
581
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
582
  }
583
- $heading_animation .='</'.$ani_title_tag.'>';
584
  }
585
  if ($anim_styles == 'style-6') {
586
- $heading_animation .='<'.$ani_title_tag.' class="pt-plus-cd-headline letters scale" >';
587
  if($prefix != ''){
588
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
589
  }
@@ -613,7 +613,7 @@ class L_ThePlus_Heading_Animation extends Widget_Base {
613
  if($postfix != ''){
614
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
615
  }
616
- $heading_animation .='</'.$ani_title_tag.'>';
617
  }
618
  $heading_animation .='</div>';
619
 
419
  $heading_animation ='<div class="pt-plus-heading-animation heading-animation head-anim-'.esc_attr($anim_styles).' '.esc_attr($animated_class).' '.esc_attr($uid).'" '.$animation_attr.'>';
420
 
421
  if ($anim_styles == 'style-1') {
422
+ $heading_animation .='<'.l_theplus_validate_html_tag($ani_title_tag).' class="pt-plus-cd-headline letters type" >';
423
  if($prefix != ''){
424
  $heading_animation .='<span >'.$prefix.' </span>';
425
  }
449
  if($postfix != ''){
450
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
451
  }
452
+ $heading_animation .='</'.l_theplus_validate_html_tag($ani_title_tag).'>';
453
  }
454
  if ($anim_styles == 'style-2') {
455
+ $heading_animation .='<'.l_theplus_validate_html_tag($ani_title_tag).' class="pt-plus-cd-headline rotate-1" >';
456
  if($prefix != ''){
457
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
458
  }
481
  if($postfix != ''){
482
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
483
  }
484
+ $heading_animation .='</'.l_theplus_validate_html_tag($ani_title_tag).'>';
485
  }
486
  if ($anim_styles == 'style-3') {
487
+ $heading_animation .='<'.l_theplus_validate_html_tag($ani_title_tag).' class="pt-plus-cd-headline zoom" >';
488
  if($prefix != ''){
489
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
490
  }
514
  if($postfix != ''){
515
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
516
  }
517
+ $heading_animation .='</'.l_theplus_validate_html_tag($ani_title_tag).'>';
518
  }
519
  if ($anim_styles == 'style-4') {
520
+ $heading_animation .='<'.l_theplus_validate_html_tag($ani_title_tag).' class="pt-plus-cd-headline loading-bar " >';
521
  if($prefix != ''){
522
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
523
  }
547
  if($postfix != ''){
548
  $heading_animation .='<span > '.esc_html($postfix).'</span>';
549
  }
550
+ $heading_animation .='</'.l_theplus_validate_html_tag($ani_title_tag).'>';
551
  }
552
  if ($anim_styles == 'style-5') {
553
+ $heading_animation .='<'.l_theplus_validate_html_tag($ani_title_tag).' class="pt-plus-cd-headline push" >';
554
  if($prefix != ''){
555
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
556
  }
580
  if($postfix != ''){
581
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
582
  }
583
+ $heading_animation .='</'.l_theplus_validate_html_tag($ani_title_tag).'>';
584
  }
585
  if ($anim_styles == 'style-6') {
586
+ $heading_animation .='<'.l_theplus_validate_html_tag($ani_title_tag).' class="pt-plus-cd-headline letters scale" >';
587
  if($prefix != ''){
588
  $heading_animation .='<span >'.esc_html($prefix).' </span>';
589
  }
613
  if($postfix != ''){
614
  $heading_animation .='<span > '.esc_html($postfix).' </span>';
615
  }
616
+ $heading_animation .='</'.l_theplus_validate_html_tag($ani_title_tag).'>';
617
  }
618
  $heading_animation .='</div>';
619
 
modules/widgets/tp_heading_title.php CHANGED
@@ -1346,13 +1346,13 @@ class L_Theplus_Ele_Heading_Title extends Widget_Base {
1346
 
1347
 
1348
  $title_con ='<div class="head-title '.esc_attr($mobile_center).'" > ';
1349
- $title_con .='<'.esc_attr($settings["title_h"]).' '.$this->get_render_attribute_string( "titlehref" ).' class="heading-title '.esc_attr($mobile_center).' '.esc_attr($title_gradient_cass).'" data-hover="'.esc_attr($heading_title_text).'">';
1350
  if($settings["heading_s_style"]=="text_before"){
1351
  $title_con.= $title_s_before.$heading_title_text;
1352
  }else{
1353
  $title_con.= $heading_title_text.$title_s_before;
1354
  }
1355
- $title_con .='</'.esc_attr($settings["title_h"]).'>';
1356
 
1357
  if ($heading_style =="style_4" || $heading_style =="style_9"){
1358
  $title_con .='<div class="seprator sep-l" >';
@@ -1398,7 +1398,7 @@ class L_Theplus_Ele_Heading_Title extends Widget_Base {
1398
  $sub_title_dis = $settings['sub_title'];
1399
  }
1400
  $s_title_con ='<div class="sub-heading">';
1401
- $s_title_con .='<'.esc_attr($settings["sub_title_tag"]).' class="heading-sub-title '.esc_attr($mobile_center).' '.$sub_gradient_cass.'"> '.$sub_title_dis.' </'.esc_attr($settings["sub_title_tag"]).'>';
1402
  $s_title_con .='</div>';
1403
  }
1404
  if($settings["position"] =="before"){
1346
 
1347
 
1348
  $title_con ='<div class="head-title '.esc_attr($mobile_center).'" > ';
1349
+ $title_con .='<'.esc_attr(l_theplus_validate_html_tag($settings["title_h"])).' '.$this->get_render_attribute_string( "titlehref" ).' class="heading-title '.esc_attr($mobile_center).' '.esc_attr($title_gradient_cass).'" data-hover="'.esc_attr($heading_title_text).'">';
1350
  if($settings["heading_s_style"]=="text_before"){
1351
  $title_con.= $title_s_before.$heading_title_text;
1352
  }else{
1353
  $title_con.= $heading_title_text.$title_s_before;
1354
  }
1355
+ $title_con .='</'.esc_attr(l_theplus_validate_html_tag($settings["title_h"])).'>';
1356
 
1357
  if ($heading_style =="style_4" || $heading_style =="style_9"){
1358
  $title_con .='<div class="seprator sep-l" >';
1398
  $sub_title_dis = $settings['sub_title'];
1399
  }
1400
  $s_title_con ='<div class="sub-heading">';
1401
+ $s_title_con .='<'.esc_attr(l_theplus_validate_html_tag($settings["sub_title_tag"])).' class="heading-sub-title '.esc_attr($mobile_center).' '.$sub_gradient_cass.'"> '.$sub_title_dis.' </'.esc_attr(l_theplus_validate_html_tag($settings["sub_title_tag"])).'>';
1402
  $s_title_con .='</div>';
1403
  }
1404
  if($settings["position"] =="before"){
modules/widgets/tp_hovercard.php CHANGED
@@ -1551,10 +1551,10 @@ class L_ThePlus_Hovercard extends Widget_Base {
1551
  $repeater->add_control(
1552
  'css_filter_hover_cst',
1553
  [
1554
- 'label' => esc_html__( 'CSS Filter', 'hclbe' ),
1555
  'type' => Controls_Manager::POPOVER_TOGGLE,
1556
- 'label_off' => __( 'Default', 'hclbe' ),
1557
- 'label_on' => __( 'Custom', 'hclbe' ),
1558
  'return_value' => 'yes',
1559
  'condition' => [
1560
  'open_tag!' => 'none',
@@ -1567,7 +1567,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
1567
  $repeater->add_control(
1568
  'css_filter_blur',
1569
  [
1570
- 'label' => esc_html__( 'Blur', 'hclbe' ),
1571
  'type' => Controls_Manager::SLIDER,
1572
  'range' => [
1573
  'px' => [
@@ -1591,7 +1591,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
1591
  $repeater->add_control(
1592
  'css_filter_brightness',
1593
  [
1594
- 'label' => esc_html__( 'Brightness', 'hclbe' ),
1595
  'type' => Controls_Manager::SLIDER,
1596
  'range' => [
1597
  'px' => [
@@ -1615,7 +1615,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
1615
  $repeater->add_control(
1616
  'css_filter_contrast',
1617
  [
1618
- 'label' => esc_html__( 'Contrast', 'hclbe' ),
1619
  'type' => Controls_Manager::SLIDER,
1620
  'range' => [
1621
  'px' => [
@@ -1639,7 +1639,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
1639
  $repeater->add_control(
1640
  'css_filter_saturation',
1641
  [
1642
- 'label' => esc_html__( 'Saturation', 'hclbe' ),
1643
  'type' => Controls_Manager::SLIDER,
1644
  'range' => [
1645
  'px' => [
@@ -1663,7 +1663,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
1663
  $repeater->add_control(
1664
  'css_filter_hue',
1665
  [
1666
- 'label' => esc_html__( 'Hue', 'hclbe' ),
1667
  'type' => Controls_Manager::SLIDER,
1668
  'range' => [
1669
  'px' => [
@@ -2377,10 +2377,10 @@ class L_ThePlus_Hovercard extends Widget_Base {
2377
  $repeater->add_control(
2378
  'image_css_filter_hover_cst',
2379
  [
2380
- 'label' => esc_html__( 'CSS Filter', 'hclbe' ),
2381
  'type' => Controls_Manager::POPOVER_TOGGLE,
2382
- 'label_off' => __( 'Default', 'hclbe' ),
2383
- 'label_on' => __( 'Custom', 'hclbe' ),
2384
  'return_value' => 'yes',
2385
  'condition' => [
2386
  'content_tag' => 'image',
@@ -2392,7 +2392,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2392
  $repeater->add_control(
2393
  'image_css_filter_blur',
2394
  [
2395
- 'label' => esc_html__( 'Blur', 'hclbe' ),
2396
  'type' => Controls_Manager::SLIDER,
2397
  'range' => [
2398
  'px' => [
@@ -2415,7 +2415,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2415
  $repeater->add_control(
2416
  'image_css_filter_brightness',
2417
  [
2418
- 'label' => esc_html__( 'Brightness', 'hclbe' ),
2419
  'type' => Controls_Manager::SLIDER,
2420
  'range' => [
2421
  'px' => [
@@ -2438,7 +2438,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2438
  $repeater->add_control(
2439
  'image_css_filter_contrast',
2440
  [
2441
- 'label' => esc_html__( 'Contrast', 'hclbe' ),
2442
  'type' => Controls_Manager::SLIDER,
2443
  'range' => [
2444
  'px' => [
@@ -2461,7 +2461,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2461
  $repeater->add_control(
2462
  'image_css_filter_saturation',
2463
  [
2464
- 'label' => esc_html__( 'Saturation', 'hclbe' ),
2465
  'type' => Controls_Manager::SLIDER,
2466
  'range' => [
2467
  'px' => [
@@ -2484,7 +2484,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2484
  $repeater->add_control(
2485
  'image_css_filter_hue',
2486
  [
2487
- 'label' => esc_html__( 'Hue', 'hclbe' ),
2488
  'type' => Controls_Manager::SLIDER,
2489
  'range' => [
2490
  'px' => [
@@ -2531,7 +2531,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2531
 
2532
  $open_tag='';
2533
  if(!empty($item['open_tag']) && $item['open_tag']!='none'){
2534
- $open_tag = $item['open_tag'];
2535
 
2536
  $this->add_render_attribute( 'loop_attr'.$i, 'class', 'elementor-repeater-item-' . $item['_id']);
2537
  }
@@ -2546,9 +2546,9 @@ class L_ThePlus_Hovercard extends Widget_Base {
2546
 
2547
  $close_tag='';
2548
  if(!empty($item['close_tag']) && $item['close_tag']=='close'){
2549
- $close_tag = $open_tag;
2550
  }else if(!empty($item['close_tag']) && $item['close_tag']!='close' && $item['close_tag']!='none'){
2551
- $close_tag = $item['close_tag'];
2552
  }
2553
 
2554
  /*a link*/
@@ -2567,7 +2567,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2567
 
2568
  /*Open Tag start*/
2569
  if(!empty($open_tag)){
2570
- $loopitem .= '<'.$open_tag.' '.$this->get_render_attribute_string( "loop_attr".$i ).'>';
2571
  }
2572
  /*Open Tag end*/
2573
 
@@ -2596,7 +2596,7 @@ class L_ThePlus_Hovercard extends Widget_Base {
2596
 
2597
  /*Close Tag start*/
2598
  if(!empty($item['close_tag']) && $item['close_tag']!='none'){
2599
- $loopitem .= '</'.$close_tag.'>';
2600
  }
2601
  /*Close Tag end*/
2602
 
1551
  $repeater->add_control(
1552
  'css_filter_hover_cst',
1553
  [
1554
+ 'label' => esc_html__( 'CSS Filter', 'tpebl' ),
1555
  'type' => Controls_Manager::POPOVER_TOGGLE,
1556
+ 'label_off' => __( 'Default', 'tpebl' ),
1557
+ 'label_on' => __( 'Custom', 'tpebl' ),
1558
  'return_value' => 'yes',
1559
  'condition' => [
1560
  'open_tag!' => 'none',
1567
  $repeater->add_control(
1568
  'css_filter_blur',
1569
  [
1570
+ 'label' => esc_html__( 'Blur', 'tpebl' ),
1571
  'type' => Controls_Manager::SLIDER,
1572
  'range' => [
1573
  'px' => [
1591
  $repeater->add_control(
1592
  'css_filter_brightness',
1593
  [
1594
+ 'label' => esc_html__( 'Brightness', 'tpebl' ),
1595
  'type' => Controls_Manager::SLIDER,
1596
  'range' => [
1597
  'px' => [
1615
  $repeater->add_control(
1616
  'css_filter_contrast',
1617
  [
1618
+ 'label' => esc_html__( 'Contrast', 'tpebl' ),
1619
  'type' => Controls_Manager::SLIDER,
1620
  'range' => [
1621
  'px' => [
1639
  $repeater->add_control(
1640
  'css_filter_saturation',
1641
  [
1642
+ 'label' => esc_html__( 'Saturation', 'tpebl' ),
1643
  'type' => Controls_Manager::SLIDER,
1644
  'range' => [
1645
  'px' => [
1663
  $repeater->add_control(
1664
  'css_filter_hue',
1665
  [
1666
+ 'label' => esc_html__( 'Hue', 'tpebl' ),
1667
  'type' => Controls_Manager::SLIDER,
1668
  'range' => [
1669
  'px' => [
2377
  $repeater->add_control(
2378
  'image_css_filter_hover_cst',
2379
  [
2380
+ 'label' => esc_html__( 'CSS Filter', 'tpebl' ),
2381
  'type' => Controls_Manager::POPOVER_TOGGLE,
2382
+ 'label_off' => __( 'Default', 'tpebl' ),
2383
+ 'label_on' => __( 'Custom', 'tpebl' ),
2384
  'return_value' => 'yes',
2385
  'condition' => [
2386
  'content_tag' => 'image',
2392
  $repeater->add_control(
2393
  'image_css_filter_blur',
2394
  [
2395
+ 'label' => esc_html__( 'Blur', 'tpebl' ),
2396
  'type' => Controls_Manager::SLIDER,
2397
  'range' => [
2398
  'px' => [
2415
  $repeater->add_control(
2416
  'image_css_filter_brightness',
2417
  [
2418
+ 'label' => esc_html__( 'Brightness', 'tpebl' ),
2419
  'type' => Controls_Manager::SLIDER,
2420
  'range' => [
2421
  'px' => [
2438
  $repeater->add_control(
2439
  'image_css_filter_contrast',
2440
  [
2441
+ 'label' => esc_html__( 'Contrast', 'tpebl' ),
2442
  'type' => Controls_Manager::SLIDER,
2443
  'range' => [
2444
  'px' => [
2461
  $repeater->add_control(
2462
  'image_css_filter_saturation',
2463
  [
2464
+ 'label' => esc_html__( 'Saturation', 'tpebl' ),
2465
  'type' => Controls_Manager::SLIDER,
2466
  'range' => [
2467
  'px' => [
2484
  $repeater->add_control(
2485
  'image_css_filter_hue',
2486
  [
2487
+ 'label' => esc_html__( 'Hue', 'tpebl' ),
2488
  'type' => Controls_Manager::SLIDER,
2489
  'range' => [
2490
  'px' => [
2531
 
2532
  $open_tag='';
2533
  if(!empty($item['open_tag']) && $item['open_tag']!='none'){
2534
+ $open_tag = l_theplus_validate_html_tag($item['open_tag']);
2535
 
2536
  $this->add_render_attribute( 'loop_attr'.$i, 'class', 'elementor-repeater-item-' . $item['_id']);
2537
  }
2546
 
2547
  $close_tag='';
2548
  if(!empty($item['close_tag']) && $item['close_tag']=='close'){
2549
+ $close_tag = l_theplus_validate_html_tag($open_tag);
2550
  }else if(!empty($item['close_tag']) && $item['close_tag']!='close' && $item['close_tag']!='none'){
2551
+ $close_tag = l_theplus_validate_html_tag($item['close_tag']);
2552
  }
2553
 
2554
  /*a link*/
2567
 
2568
  /*Open Tag start*/
2569
  if(!empty($open_tag)){
2570
+ $loopitem .= '<'.l_theplus_validate_html_tag($open_tag).' '.$this->get_render_attribute_string( "loop_attr".$i ).'>';
2571
  }
2572
  /*Open Tag end*/
2573
 
2596
 
2597
  /*Close Tag start*/
2598
  if(!empty($item['close_tag']) && $item['close_tag']!='none'){
2599
+ $loopitem .= '</'.l_theplus_validate_html_tag($close_tag).'>';
2600
  }
2601
  /*Close Tag end*/
2602
 
modules/widgets/tp_info_box.php CHANGED
@@ -2812,7 +2812,7 @@ class L_ThePlus_Info_Box extends Widget_Base {
2812
 
2813
  $title_tag=!empty($settings['title_tag']) ? $settings['title_tag'] : 'div';
2814
  if(!empty($settings["title"])){
2815
- $service_title= '<a '.$this->get_render_attribute_string( "box_link" ).' ><'.$title_tag.' class="service-title "> '.esc_html($settings["title"]).' </'.$title_tag.'></a>';
2816
  }
2817
 
2818
  $border_check=$settings["border_check"];
2812
 
2813
  $title_tag=!empty($settings['title_tag']) ? $settings['title_tag'] : 'div';
2814
  if(!empty($settings["title"])){
2815
+ $service_title= '<a '.$this->get_render_attribute_string( "box_link" ).' ><'.l_theplus_validate_html_tag($title_tag).' class="service-title "> '.esc_html($settings["title"]).' </'.l_theplus_validate_html_tag($title_tag).'></a>';
2816
  }
2817
 
2818
  $border_check=$settings["border_check"];
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://theplusaddons.com/pricing/
4
  Tags: elementor, elementor addons, elementor widgets, the plus addons for elementor, the plus widgets elementor, free elementor addons, elementor pro addons, elementor widget pack, ultimate addons for elementor, popular addons for elementor, powerful addons for elementor, best addons for elementor
5
  Requires at least: 4.0
6
  Tested up to: 5.7
7
- Stable tag: 2.0.5
8
  Requires PHP: 5.6
9
  License: GPLv3
10
  License URI: https://opensource.org/licenses/GPL-3.0
@@ -222,6 +222,10 @@ We have most advanced caching architecture, Which will never bloat your site. Kn
222
 
223
 
224
  == Changelog ==
 
 
 
 
225
 
226
  = 2.0.5 =
227
  Compatibility : WordPress 5.7 compatibility
4
  Tags: elementor, elementor addons, elementor widgets, the plus addons for elementor, the plus widgets elementor, free elementor addons, elementor pro addons, elementor widget pack, ultimate addons for elementor, popular addons for elementor, powerful addons for elementor, best addons for elementor
5
  Requires at least: 4.0
6
  Tested up to: 5.7
7
+ Stable tag: 2.0.6
8
  Requires PHP: 5.6
9
  License: GPLv3
10
  License URI: https://opensource.org/licenses/GPL-3.0
222
 
223
 
224
  == Changelog ==
225
+
226
+ = 2.0.6 =
227
+ Security Fix : Security error related to HTML tags validation (nearly identical to Elementor's Recent Patch)
228
+ Fix : JS bug fix and improvements
229
 
230
  = 2.0.5 =
231
  Compatibility : WordPress 5.7 compatibility
theplus_elementor_addon.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: The Plus Addons for Elementor Page Builder Lite
4
  * Plugin URI: https://theplusaddons.com/
5
  * Description: Biggest collection of Widgets & Features to supercharge your Elementor Page builder in WordPress.
6
- * Version: 2.0.5
7
  * Author: POSIMYTH
8
  * Author URI: https://posimyth.com/
9
  * Text Domain: tpebl
@@ -14,7 +14,7 @@
14
  if ( ! defined( 'ABSPATH' ) ) {
15
  exit;
16
  }
17
- defined( 'L_THEPLUS_VERSION' ) or define( 'L_THEPLUS_VERSION', '2.0.5' );
18
  define( 'L_THEPLUS_FILE__', __FILE__ );
19
 
20
  define( 'L_THEPLUS_PATH', plugin_dir_path( __FILE__ ) );
@@ -40,6 +40,17 @@ function l_theplus_pluginsLoaded() {
40
  }
41
  add_action( 'plugins_loaded', 'l_theplus_pluginsLoaded' );
42
 
 
 
 
 
 
 
 
 
 
 
 
43
  /* theplus elementor load notice */
44
  function l_theplus_elementor_load_notice() {
45
  $plugin = 'elementor/elementor.php';
3
  * Plugin Name: The Plus Addons for Elementor Page Builder Lite
4
  * Plugin URI: https://theplusaddons.com/
5
  * Description: Biggest collection of Widgets & Features to supercharge your Elementor Page builder in WordPress.
6
+ * Version: 2.0.6
7
  * Author: POSIMYTH
8
  * Author URI: https://posimyth.com/
9
  * Text Domain: tpebl
14
  if ( ! defined( 'ABSPATH' ) ) {
15
  exit;
16
  }
17
+ defined( 'L_THEPLUS_VERSION' ) or define( 'L_THEPLUS_VERSION', '2.0.6' );
18
  define( 'L_THEPLUS_FILE__', __FILE__ );
19
 
20
  define( 'L_THEPLUS_PATH', plugin_dir_path( __FILE__ ) );
40
  }
41
  add_action( 'plugins_loaded', 'l_theplus_pluginsLoaded' );
42
 
43
+ /* theplus update notice */
44
+ add_action('in_plugin_update_message-the-plus-addons-for-elementor-page-builder/theplus_elementor_addon.php','l_tp_in_plugin_update_message',10,2);
45
+ function l_tp_in_plugin_update_message($data,$response){
46
+ if( isset( $data['upgrade_notice'] ) && !empty($data['upgrade_notice']) ) {
47
+ printf(
48
+ '<div class="update-message">%s</div>',
49
+ wpautop( $data['upgrade_notice'] )
50
+ );
51
+ }
52
+ }
53
+
54
  /* theplus elementor load notice */
55
  function l_theplus_elementor_load_notice() {
56
  $plugin = 'elementor/elementor.php';
widgets_loader.php CHANGED
@@ -125,12 +125,8 @@ final class L_Theplus_Element_Load {
125
  wp_enqueue_style( 'theplus-ele-admin', L_THEPLUS_ASSETS_URL .'css/admin/theplus-ele-admin.css', array(),L_THEPLUS_VERSION,false );
126
  wp_enqueue_script( 'theplus-admin-js', L_THEPLUS_ASSETS_URL .'js/admin/theplus-admin.js', array(),L_THEPLUS_VERSION,false );
127
 
128
- wp_localize_script(
129
- 'theplus-admin-js', 'theplus_ajax_url', admin_url("admin-ajax.php")
130
- );
131
- wp_localize_script(
132
- 'theplus-admin-js', 'theplus_nonce', wp_create_nonce("theplus-addons")
133
- );
134
  }
135
  function theplus_mime_types($mimes) {
136
  $mimes['svg'] = 'image/svg+xml';
125
  wp_enqueue_style( 'theplus-ele-admin', L_THEPLUS_ASSETS_URL .'css/admin/theplus-ele-admin.css', array(),L_THEPLUS_VERSION,false );
126
  wp_enqueue_script( 'theplus-admin-js', L_THEPLUS_ASSETS_URL .'js/admin/theplus-admin.js', array(),L_THEPLUS_VERSION,false );
127
 
128
+ echo '<script> var theplus_ajax_url = "'.admin_url("admin-ajax.php").'";
129
+ var theplus_nonce = "'.wp_create_nonce("theplus-addons").'";</script>';
 
 
 
 
130
  }
131
  function theplus_mime_types($mimes) {
132
  $mimes['svg'] = 'image/svg+xml';