Wordfence Security – Firewall &amp; Malware Scan

Version Description

September 6, 2022 =
Fix: Prevented XSS that would have required admin privileges to exploit (CVE-2022-3144)

Release Info

Developer	wfalexk
Plugin	Wordfence Security – Firewall & Malware Scan
Version	7.6.1
Comparing to
See all releases

Code changes from version 7.6.0 to 7.6.1

Files changed (68) hide show

css/{activity-report-widget.1659014884.css → activity-report-widget.1662494776.css} +0 -0
css/{diff.1659014884.css → diff.1662494776.css} +0 -0
css/{dt_table.1659014884.css → dt_table.1662494776.css} +0 -0
css/{fullLog.1659014884.css → fullLog.1662494776.css} +0 -0
css/{iptraf.1659014884.css → iptraf.1662494776.css} +0 -0
css/{jquery-ui-timepicker-addon.1659014884.css → jquery-ui-timepicker-addon.1662494776.css} +0 -0
css/{jquery-ui.min.1659014884.css → jquery-ui.min.1662494776.css} +0 -0
css/{jquery-ui.structure.min.1659014884.css → jquery-ui.structure.min.1662494776.css} +0 -0
css/{jquery-ui.theme.min.1659014884.css → jquery-ui.theme.min.1662494776.css} +0 -0
css/license/{care-global.1659014884.css → care-global.1662494776.css} +0 -0
css/license/{care.1659014884.css → care.1662494776.css} +0 -0
css/license/{free-global.1659014884.css → free-global.1662494776.css} +0 -0
css/license/{free.1659014884.css → free.1662494776.css} +0 -0
css/license/{premium-global.1659014884.css → premium-global.1662494776.css} +0 -0
css/license/{premium.1659014884.css → premium.1662494776.css} +0 -0
css/license/{response-global.1659014884.css → response-global.1662494776.css} +0 -0
css/license/{response-variables.1659014884.css → response-variables.1662494776.css} +0 -0
css/license/{response.1659014884.css → response.1662494776.css} +0 -0
css/{main.1659014884.css → main.1662494776.css} +0 -0
css/{phpinfo.1659014884.css → phpinfo.1662494776.css} +0 -0
css/{wf-adminbar.1659014884.css → wf-adminbar.1662494776.css} +0 -0
css/{wf-colorbox.1659014884.css → wf-colorbox.1662494776.css} +0 -0
css/{wf-font-awesome.1659014884.css → wf-font-awesome.1662494776.css} +0 -0
css/{wf-global.1659014884.css → wf-global.1662494776.css} +0 -0
css/{wf-ionicons.1659014884.css → wf-ionicons.1662494776.css} +0 -0
css/{wf-onboarding.1659014884.css → wf-onboarding.1662494776.css} +0 -0
css/{wf-roboto-font.1659014884.css → wf-roboto-font.1662494776.css} +0 -0
css/{wfselect2.min.1659014884.css → wfselect2.min.1662494776.css} +0 -0
css/{wordfenceBox.1659014884.css → wordfenceBox.1662494776.css} +0 -0
js/{Chart.bundle.min.1659014884.js → Chart.bundle.min.1662494776.js} +0 -0
js/{admin.1659014884.js → admin.1662494776.js} +12 -7
js/{admin.ajaxWatcher.1659014884.js → admin.ajaxWatcher.1662494776.js} +0 -0
js/{admin.liveTraffic.1659014884.js → admin.liveTraffic.1662494776.js} +0 -0
js/{date.1659014884.js → date.1662494776.js} +0 -0
js/{jquery-ui-timepicker-addon.1659014884.js → jquery-ui-timepicker-addon.1662494776.js} +0 -0
js/{jquery.colorbox-min.1659014884.js → jquery.colorbox-min.1662494776.js} +0 -0
js/{jquery.colorbox.1659014884.js → jquery.colorbox.1662494776.js} +0 -0
js/{jquery.dataTables.min.1659014884.js → jquery.dataTables.min.1662494776.js} +0 -0
js/{jquery.qrcode.min.1659014884.js → jquery.qrcode.min.1662494776.js} +0 -0
js/{jquery.tmpl.min.1659014884.js → jquery.tmpl.min.1662494776.js} +0 -0
js/{jquery.tools.min.1659014884.js → jquery.tools.min.1662494776.js} +0 -0
js/{knockout-3.5.1.1659014884.js → knockout-3.5.1.1662494776.js} +0 -0
js/{wfdashboard.1659014884.js → wfdashboard.1662494776.js} +0 -0
js/{wfdropdown.1659014884.js → wfdropdown.1662494776.js} +0 -0
js/{wfglobal.1659014884.js → wfglobal.1662494776.js} +0 -0
js/{wfi18n.1659014884.js → wfi18n.1662494776.js} +0 -0
js/{wfpopover.1659014884.js → wfpopover.1662494776.js} +0 -0
js/{wfselect2.min.1659014884.js → wfselect2.min.1662494776.js} +0 -0
languages/wordfence.po +2 -2
modules/login-security/css/{admin-global.1659014884.css → admin-global.1662494776.css} +0 -0
modules/login-security/css/{admin.1659014884.css → admin.1662494776.css} +0 -0
modules/login-security/css/{colorbox.1659014884.css → colorbox.1662494776.css} +0 -0
modules/login-security/css/{font-awesome.1659014884.css → font-awesome.1662494776.css} +0 -0
modules/login-security/css/{ionicons.1659014884.css → ionicons.1662494776.css} +0 -0
modules/login-security/css/{jquery-ui.min.1659014884.css → jquery-ui.min.1662494776.css} +0 -0
modules/login-security/css/{jquery-ui.structure.min.1659014884.css → jquery-ui.structure.min.1662494776.css} +0 -0
modules/login-security/css/{jquery-ui.theme.min.1659014884.css → jquery-ui.theme.min.1662494776.css} +0 -0
modules/login-security/css/{login.1659014884.css → login.1662494776.css} +0 -0
modules/login-security/js/{admin-global.1659014884.js → admin-global.1662494776.js} +0 -0
modules/login-security/js/{admin.1659014884.js → admin.1662494776.js} +0 -0
modules/login-security/js/{jquery.colorbox.1659014884.js → jquery.colorbox.1662494776.js} +0 -0
modules/login-security/js/{jquery.colorbox.min.1659014884.js → jquery.colorbox.min.1662494776.js} +0 -0
modules/login-security/js/{jquery.qrcode.min.1659014884.js → jquery.qrcode.min.1662494776.js} +0 -0
modules/login-security/js/{jquery.tmpl.min.1659014884.js → jquery.tmpl.min.1662494776.js} +0 -0
modules/login-security/js/{login.1659014884.js → login.1662494776.js} +0 -0
modules/login-security/wordfence-login-security.php +1 -1
readme.txt +4 -1
wordfence.php +3 -3

	@@ -597,15 +597,20 @@
597	var selected = $(this).find('option:selected');
598	var tagsElement = optionElement.find('.wf-option-token-tags');
599	var list = $('<ul>');
600	- selected.each(function(index, ~~value~~) {
601	- ~~var~~ li = $(~~'<li class="wf-tag-selected"><a class="wf-destroy-tag-selected">×</a>' + $(value~~)~~.text() + '</li>')~~;
602	- li.~~children~~(~~'a.wf-destroy-tag-selected'~~)


603	.off('click.wfselect2-copy')
604	.on('click.wfselect2-copy', function(e) {
605	- ~~var opt = $(this)~~.~~data~~('~~wfselect2-opt~~');
606	- ~~opt~~.~~prop~~('~~selected~~'~~, false~~);
607	- ~~opt~~.~~parents~~(~~'select'~~)~~.trigger('change')~~;
608	- })~~.data('wfselect2-opt', $(value))~~;



609	list.append(li);
610	});
611	tagsElement.html('').append(list);


597	var selected = $(this).find('option:selected');
598	var tagsElement = optionElement.find('.wf-option-token-tags');
599	var list = $('<ul>');
600	+ selected.each(function(index, option) {
601	+ option = $(option);
602	+ var value = option.val();
603	+ var destroyButton = $('<a>').addClass('wf-destroy-tag-selected')
604	+ .text('x')
605	.off('click.wfselect2-copy')
606	.on('click.wfselect2-copy', function(e) {
607	+ option.prop('selected', false);
608	+ option.parents('select').trigger('change');
609	+ option.remove();
610	+ });
611	+ var li = $('<li>').addClass('wf-tag-selected')
612	+ .text(value)
613	+ .prepend(destroyButton);
614	list.append(li);
615	});
616	tagsElement.html('').append(list);

	@@ -2,14 +2,14 @@
2	# This file is distributed under the same license as the Wordfence Security plugin.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: Wordfence Security 7.6.0\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/src\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	- "POT-Creation-Date: 2022-07-~~28T09~~:22:50-04:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.4.0\n"
15	"X-Domain: wordfence\n"


2	# This file is distributed under the same license as the Wordfence Security plugin.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: Wordfence Security 7.6.1\n"
6	"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/src\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	+ "POT-Creation-Date: 2022-09-06T15:14:20-04:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.4.0\n"
15	"X-Domain: wordfence\n"

	@@ -4,7 +4,7 @@ Tags: security, firewall, malware scanner, web application firewall, two factor
4	Requires at least: 3.9
5	Requires PHP: 5.3
6	Tested up to: 6.0
7	- Stable tag: 7.6.0
8	License: GPLv3
9	License URI: https://www.gnu.org/licenses/gpl-3.0.html
10
	@@ -185,6 +185,9 @@ Secure your website with Wordfence.
185
186	== Changelog ==
187



188	= 7.6.0 - July 28, 2022 =
189	* Improvement: Added option to start scans using only IPv4
190	* Improvement: Added diagnostic for internal IPv6 connectivity to site

	@@ -27,7 +27,7 @@ else {
27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	define('WORDFENCE_LS_VERSION', '1.0.10');
30	- define('WORDFENCE_LS_BUILD_NUMBER', '~~1659014884~~');
31
32	define('WORDFENCE_LS_PLUGIN_BASENAME', plugin_basename(__FILE__));
33


27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	define('WORDFENCE_LS_VERSION', '1.0.10');
30	+ define('WORDFENCE_LS_BUILD_NUMBER', '1662494776');
31
32	define('WORDFENCE_LS_PLUGIN_BASENAME', plugin_basename(__FILE__));
33

	@@ -4,7 +4,7 @@ Plugin Name: Wordfence Security
4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6	Author: Wordfence
7	- Version: 7.6.0
8	Author URI: http://www.wordfence.com/
9	Text Domain: wordfence
10	Domain Path: /languages
	@@ -38,8 +38,8 @@ if(defined('WP_INSTALLING') && WP_INSTALLING){
38	if (!defined('ABSPATH')) {
39	exit;
40	}
41	- define('WORDFENCE_VERSION', '7.6.0');
42	- define('WORDFENCE_BUILD_NUMBER', '~~1659014884~~');
43	define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
44	basename(dirname(__FILE__)) . '/' . basename(__FILE__));
45

Wordfence Security – Firewall & Malware Scan - Version 7.6.1

Version Description

Release Info

Code changes from version 7.6.0 to 7.6.1