Version Description
Better secure entry detail page against XSS vulnerability
Download this release
Release Info
| Developer | mmuro |
| Plugin |  Visual Form Builder |
| Version | 2.8.5 |
| Comparing to | |
| See all releases | |
Code changes from version 2.8.4 to 2.8.5
- includes/class-entries-detail.php +3 -3
- readme.txt +8 -1
- visual-form-builder.php +2 -2
includes/class-entries-detail.php
CHANGED
|
@@ -152,7 +152,7 @@ class VisualFormBuilder_Entries_Detail{
|
|
| 152 |
?>
|
| 153 |
<tr valign="top">
|
| 154 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
| 155 |
-
<td style="background:#eee;border:1px solid #ddd"><a href="<?php esc_attr_e( $obj->value ); ?>" target="_blank"><?php echo
|
| 156 |
</tr>
|
| 157 |
<?php
|
| 158 |
break;
|
|
@@ -162,7 +162,7 @@ class VisualFormBuilder_Entries_Detail{
|
|
| 162 |
?>
|
| 163 |
<tr valign="top">
|
| 164 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
| 165 |
-
<td style="background:#eee;border:1px solid #ddd"><?php echo wpautop(
|
| 166 |
</tr>
|
| 167 |
<?php
|
| 168 |
break;
|
|
@@ -171,7 +171,7 @@ class VisualFormBuilder_Entries_Detail{
|
|
| 171 |
?>
|
| 172 |
<tr valign="top">
|
| 173 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
| 174 |
-
<td style="background:#eee;border:1px solid #ddd"><?php echo
|
| 175 |
</tr>
|
| 176 |
<?php
|
| 177 |
break;
|
| 152 |
?>
|
| 153 |
<tr valign="top">
|
| 154 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
| 155 |
+
<td style="background:#eee;border:1px solid #ddd"><a href="<?php esc_attr_e( $obj->value ); ?>" target="_blank"><?php echo esc_html( $obj->value ); ?></a></td>
|
| 156 |
</tr>
|
| 157 |
<?php
|
| 158 |
break;
|
| 162 |
?>
|
| 163 |
<tr valign="top">
|
| 164 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
| 165 |
+
<td style="background:#eee;border:1px solid #ddd"><?php echo wpautop( esc_html( $obj->value ) ); ?></td>
|
| 166 |
</tr>
|
| 167 |
<?php
|
| 168 |
break;
|
| 171 |
?>
|
| 172 |
<tr valign="top">
|
| 173 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
| 174 |
+
<td style="background:#eee;border:1px solid #ddd"><?php echo esc_html( $obj->value ); ?></td>
|
| 175 |
</tr>
|
| 176 |
<?php
|
| 177 |
break;
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=G87A9
|
|
| 4 |
Tags: form, forms, contact form, contact forms, form, forms, form to email, email form, email, input, validation, jquery, shortcode, form builder, contact form builder, form manager, form creator
|
| 5 |
Requires at least: 3.5
|
| 6 |
Tested up to: 4.3
|
| 7 |
-
Stable tag: 2.8.
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Build beautiful, fully functional contact forms in only a few minutes without writing PHP, CSS, or HTML.
|
|
@@ -237,6 +237,10 @@ function my_scripts_method() {
|
|
| 237 |
|
| 238 |
== Changelog ==
|
| 239 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 240 |
**Version 2.8.4 - Aug 24, 2015**
|
| 241 |
|
| 242 |
* Update how widget is registered to comply with WordPress 4.3
|
|
@@ -665,6 +669,9 @@ function my_scripts_method() {
|
|
| 665 |
|
| 666 |
== Upgrade Notice ==
|
| 667 |
|
|
|
|
|
|
|
|
|
|
| 668 |
= 2.8.4 =
|
| 669 |
Update how widget is registered to comply with WordPress 4.3
|
| 670 |
|
| 4 |
Tags: form, forms, contact form, contact forms, form, forms, form to email, email form, email, input, validation, jquery, shortcode, form builder, contact form builder, form manager, form creator
|
| 5 |
Requires at least: 3.5
|
| 6 |
Tested up to: 4.3
|
| 7 |
+
Stable tag: 2.8.5
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Build beautiful, fully functional contact forms in only a few minutes without writing PHP, CSS, or HTML.
|
| 237 |
|
| 238 |
== Changelog ==
|
| 239 |
|
| 240 |
+
**Version 2.8.5 - Sep 09, 2015**
|
| 241 |
+
|
| 242 |
+
* Better secure entry detail page against XSS vulnerability
|
| 243 |
+
|
| 244 |
**Version 2.8.4 - Aug 24, 2015**
|
| 245 |
|
| 246 |
* Update how widget is registered to comply with WordPress 4.3
|
| 669 |
|
| 670 |
== Upgrade Notice ==
|
| 671 |
|
| 672 |
+
= 2.8.5 =
|
| 673 |
+
Better secure entry detail page against XSS vulnerability
|
| 674 |
+
|
| 675 |
= 2.8.4 =
|
| 676 |
Update how widget is registered to comply with WordPress 4.3
|
| 677 |
|
visual-form-builder.php
CHANGED
|
@@ -4,11 +4,11 @@ Plugin Name: Visual Form Builder
|
|
| 4 |
Description: Dynamically build forms using a simple interface. Forms include jQuery validation, a basic logic-based verification system, and entry tracking.
|
| 5 |
Author: Matthew Muro
|
| 6 |
Author URI: http://matthewmuro.com
|
| 7 |
-
Version: 2.8.
|
| 8 |
*/
|
| 9 |
|
| 10 |
// Version number to output as meta tag
|
| 11 |
-
define( 'VFB_VERSION', '2.8.
|
| 12 |
|
| 13 |
/*
|
| 14 |
This program is free software; you can redistribute it and/or modify
|
| 4 |
Description: Dynamically build forms using a simple interface. Forms include jQuery validation, a basic logic-based verification system, and entry tracking.
|
| 5 |
Author: Matthew Muro
|
| 6 |
Author URI: http://matthewmuro.com
|
| 7 |
+
Version: 2.8.5
|
| 8 |
*/
|
| 9 |
|
| 10 |
// Version number to output as meta tag
|
| 11 |
+
define( 'VFB_VERSION', '2.8.5' );
|
| 12 |
|
| 13 |
/*
|
| 14 |
This program is free software; you can redistribute it and/or modify
|
