Version Description
Better secure entry detail page against XSS vulnerability
Download this release
Release Info
Developer | mmuro |
Plugin | Visual Form Builder |
Version | 2.8.5 |
Comparing to | |
See all releases |
Code changes from version 2.8.4 to 2.8.5
- includes/class-entries-detail.php +3 -3
- readme.txt +8 -1
- visual-form-builder.php +2 -2
includes/class-entries-detail.php
CHANGED
@@ -152,7 +152,7 @@ class VisualFormBuilder_Entries_Detail{
|
|
152 |
?>
|
153 |
<tr valign="top">
|
154 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
155 |
-
<td style="background:#eee;border:1px solid #ddd"><a href="<?php esc_attr_e( $obj->value ); ?>" target="_blank"><?php echo
|
156 |
</tr>
|
157 |
<?php
|
158 |
break;
|
@@ -162,7 +162,7 @@ class VisualFormBuilder_Entries_Detail{
|
|
162 |
?>
|
163 |
<tr valign="top">
|
164 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
165 |
-
<td style="background:#eee;border:1px solid #ddd"><?php echo wpautop(
|
166 |
</tr>
|
167 |
<?php
|
168 |
break;
|
@@ -171,7 +171,7 @@ class VisualFormBuilder_Entries_Detail{
|
|
171 |
?>
|
172 |
<tr valign="top">
|
173 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
174 |
-
<td style="background:#eee;border:1px solid #ddd"><?php echo
|
175 |
</tr>
|
176 |
<?php
|
177 |
break;
|
152 |
?>
|
153 |
<tr valign="top">
|
154 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
155 |
+
<td style="background:#eee;border:1px solid #ddd"><a href="<?php esc_attr_e( $obj->value ); ?>" target="_blank"><?php echo esc_html( $obj->value ); ?></a></td>
|
156 |
</tr>
|
157 |
<?php
|
158 |
break;
|
162 |
?>
|
163 |
<tr valign="top">
|
164 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
165 |
+
<td style="background:#eee;border:1px solid #ddd"><?php echo wpautop( esc_html( $obj->value ) ); ?></td>
|
166 |
</tr>
|
167 |
<?php
|
168 |
break;
|
171 |
?>
|
172 |
<tr valign="top">
|
173 |
<th scope="row"><label for="field[<?php echo $obj->id; ?>]"><?php echo stripslashes( $obj->name ); ?></label></th>
|
174 |
+
<td style="background:#eee;border:1px solid #ddd"><?php echo esc_html( $obj->value ); ?></td>
|
175 |
</tr>
|
176 |
<?php
|
177 |
break;
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=G87A9
|
|
4 |
Tags: form, forms, contact form, contact forms, form, forms, form to email, email form, email, input, validation, jquery, shortcode, form builder, contact form builder, form manager, form creator
|
5 |
Requires at least: 3.5
|
6 |
Tested up to: 4.3
|
7 |
-
Stable tag: 2.8.
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Build beautiful, fully functional contact forms in only a few minutes without writing PHP, CSS, or HTML.
|
@@ -237,6 +237,10 @@ function my_scripts_method() {
|
|
237 |
|
238 |
== Changelog ==
|
239 |
|
|
|
|
|
|
|
|
|
240 |
**Version 2.8.4 - Aug 24, 2015**
|
241 |
|
242 |
* Update how widget is registered to comply with WordPress 4.3
|
@@ -665,6 +669,9 @@ function my_scripts_method() {
|
|
665 |
|
666 |
== Upgrade Notice ==
|
667 |
|
|
|
|
|
|
|
668 |
= 2.8.4 =
|
669 |
Update how widget is registered to comply with WordPress 4.3
|
670 |
|
4 |
Tags: form, forms, contact form, contact forms, form, forms, form to email, email form, email, input, validation, jquery, shortcode, form builder, contact form builder, form manager, form creator
|
5 |
Requires at least: 3.5
|
6 |
Tested up to: 4.3
|
7 |
+
Stable tag: 2.8.5
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Build beautiful, fully functional contact forms in only a few minutes without writing PHP, CSS, or HTML.
|
237 |
|
238 |
== Changelog ==
|
239 |
|
240 |
+
**Version 2.8.5 - Sep 09, 2015**
|
241 |
+
|
242 |
+
* Better secure entry detail page against XSS vulnerability
|
243 |
+
|
244 |
**Version 2.8.4 - Aug 24, 2015**
|
245 |
|
246 |
* Update how widget is registered to comply with WordPress 4.3
|
669 |
|
670 |
== Upgrade Notice ==
|
671 |
|
672 |
+
= 2.8.5 =
|
673 |
+
Better secure entry detail page against XSS vulnerability
|
674 |
+
|
675 |
= 2.8.4 =
|
676 |
Update how widget is registered to comply with WordPress 4.3
|
677 |
|
visual-form-builder.php
CHANGED
@@ -4,11 +4,11 @@ Plugin Name: Visual Form Builder
|
|
4 |
Description: Dynamically build forms using a simple interface. Forms include jQuery validation, a basic logic-based verification system, and entry tracking.
|
5 |
Author: Matthew Muro
|
6 |
Author URI: http://matthewmuro.com
|
7 |
-
Version: 2.8.
|
8 |
*/
|
9 |
|
10 |
// Version number to output as meta tag
|
11 |
-
define( 'VFB_VERSION', '2.8.
|
12 |
|
13 |
/*
|
14 |
This program is free software; you can redistribute it and/or modify
|
4 |
Description: Dynamically build forms using a simple interface. Forms include jQuery validation, a basic logic-based verification system, and entry tracking.
|
5 |
Author: Matthew Muro
|
6 |
Author URI: http://matthewmuro.com
|
7 |
+
Version: 2.8.5
|
8 |
*/
|
9 |
|
10 |
// Version number to output as meta tag
|
11 |
+
define( 'VFB_VERSION', '2.8.5' );
|
12 |
|
13 |
/*
|
14 |
This program is free software; you can redistribute it and/or modify
|