Version Description
Fixed: XSS vulnerability.
Download this release
Release Info
| Developer | 10web |
| Plugin |  WD Instagram Feed – Instagram Gallery |
| Version | 1.4.19 |
| Comparing to | |
| See all releases | |
Code changes from version 1.4.18 to 1.4.19
- config.php +1 -1
- framework/WDIInstagram.php +5 -2
- readme.txt +4 -1
- wd-instagram-feed.php +1 -1
config.php
CHANGED
|
@@ -3,7 +3,7 @@ if ( !defined('ABSPATH') ) {
|
|
| 3 |
exit;
|
| 4 |
}
|
| 5 |
|
| 6 |
-
define('WDI_VERSION', '1.4.
|
| 7 |
define('WDI_IS_FREE', TRUE);
|
| 8 |
define('WDI_PREFIX', 'wdi');
|
| 9 |
define('WDI_DIR', WP_PLUGIN_DIR . "/" . plugin_basename(dirname(__FILE__)));
|
| 3 |
exit;
|
| 4 |
}
|
| 5 |
|
| 6 |
+
define('WDI_VERSION', '1.4.19');
|
| 7 |
define('WDI_IS_FREE', TRUE);
|
| 8 |
define('WDI_PREFIX', 'wdi');
|
| 9 |
define('WDI_DIR', WP_PLUGIN_DIR . "/" . plugin_basename(dirname(__FILE__)));
|
framework/WDIInstagram.php
CHANGED
|
@@ -451,8 +451,11 @@ class WDIInstagram {
|
|
| 451 |
'timeout' => 60,
|
| 452 |
'sslverify' => FALSE
|
| 453 |
);
|
| 454 |
-
$
|
| 455 |
-
|
|
|
|
|
|
|
|
|
|
| 456 |
if ( !isset($response->errors) && is_array($response) && isset($response["body"]) ) {
|
| 457 |
$data = json_decode($response["body"], TRUE);
|
| 458 |
if ( !empty($data['data']) ) {
|
| 451 |
'timeout' => 60,
|
| 452 |
'sslverify' => FALSE
|
| 453 |
);
|
| 454 |
+
if (strpos($baseUrl, 'https://graph.facebook.com/') === 0 || strpos($baseUrl, 'https://graph.instagram.com/') === 0 ) {
|
| 455 |
+
$response = wp_remote_get($baseUrl, $args);
|
| 456 |
+
} else {
|
| 457 |
+
wp_die();
|
| 458 |
+
}
|
| 459 |
if ( !isset($response->errors) && is_array($response) && isset($response["body"]) ) {
|
| 460 |
$data = json_decode($response["body"], TRUE);
|
| 461 |
if ( !empty($data['data']) ) {
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Tags: custom instagram feed, feed, instagram, hashtag, Instagram feed, instagram
|
|
| 4 |
Requires at least: 3.9
|
| 5 |
Requires PHP: 5.2
|
| 6 |
Tested up to: 5.7
|
| 7 |
-
Stable tag: 1.4.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -505,6 +505,9 @@ Please make sure you don't have any important information before you proceed.
|
|
| 505 |
10Web Social Photo Feed for Instagram plugin uses Instagram API on website front end. You have to authorize the plugin via sign in to get data from Instagram on your behalf. The plugin does not send any user’s data to Instagram. All the data received from Instagram via API is cached in WordPress database for some short customizable period to provide front end optimization. You can delete or update cached data. Instagram saves some cookies in browsers of website visitors via API data. These cookies are mostly used for security purposes. They are regulated under terms of Instagram’s privacy policy https://instagram.com/legal/privacy. The plugin asks for your consent to collect site administrator’s email address and site URL to offer customer support, deals and discounts on premium products and more.
|
| 506 |
|
| 507 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
| 508 |
= 1.4.18 =
|
| 509 |
Added: Possibility to show IGTV media in the feed.
|
| 510 |
Fixed: Lightbox filmstrip issue.
|
| 4 |
Requires at least: 3.9
|
| 5 |
Requires PHP: 5.2
|
| 6 |
Tested up to: 5.7
|
| 7 |
+
Stable tag: 1.4.19
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 505 |
10Web Social Photo Feed for Instagram plugin uses Instagram API on website front end. You have to authorize the plugin via sign in to get data from Instagram on your behalf. The plugin does not send any user’s data to Instagram. All the data received from Instagram via API is cached in WordPress database for some short customizable period to provide front end optimization. You can delete or update cached data. Instagram saves some cookies in browsers of website visitors via API data. These cookies are mostly used for security purposes. They are regulated under terms of Instagram’s privacy policy https://instagram.com/legal/privacy. The plugin asks for your consent to collect site administrator’s email address and site URL to offer customer support, deals and discounts on premium products and more.
|
| 506 |
|
| 507 |
== Changelog ==
|
| 508 |
+
= 1.4.19 =
|
| 509 |
+
Fixed: XSS vulnerability.
|
| 510 |
+
|
| 511 |
= 1.4.18 =
|
| 512 |
Added: Possibility to show IGTV media in the feed.
|
| 513 |
Fixed: Lightbox filmstrip issue.
|
wd-instagram-feed.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: 10Web Social Photo Feed
|
| 4 |
* Plugin URI: https://10web.io/plugins/wordpress-instagram-feed/?utm_source=instagram_feed&utm_medium=free_plugin
|
| 5 |
* Description: 10Web Social Photo Feed is a user-friendly tool for displaying user or hashtag-based feeds on your website. You can create feeds with one of the available layouts. It allows displaying image metadata, open up images in lightbox, download them and even share in social networking websites.
|
| 6 |
-
* Version: 1.4.
|
| 7 |
* Author: 10Web
|
| 8 |
* Author URI: https://10Web.io/plugins/?utm_source=instagram_feed&utm_medium=free_plugin
|
| 9 |
* License: GPLv2 or later
|
| 3 |
* Plugin Name: 10Web Social Photo Feed
|
| 4 |
* Plugin URI: https://10web.io/plugins/wordpress-instagram-feed/?utm_source=instagram_feed&utm_medium=free_plugin
|
| 5 |
* Description: 10Web Social Photo Feed is a user-friendly tool for displaying user or hashtag-based feeds on your website. You can create feeds with one of the available layouts. It allows displaying image metadata, open up images in lightbox, download them and even share in social networking websites.
|
| 6 |
+
* Version: 1.4.19
|
| 7 |
* Author: 10Web
|
| 8 |
* Author URI: https://10Web.io/plugins/?utm_source=instagram_feed&utm_medium=free_plugin
|
| 9 |
* License: GPLv2 or later
|
