WP GDPR Compliance - Version 1.5.6

Version Description

Release date: February 15th, 2021 * Added backwards compatibility for wp_make_content_images_responsive() on WordPress versions before 5.5.0 * Patched an XSS vulnerability (big thanks to Kamil Vavra for bringing this to our attention).


Release Info

Developer dennisvo
Version 1.5.6

Code changes from version 1.5.5 to 1.5.6

Files changed (4) hide show
  1. Includes/Helper.php +5 -0
  2. Includes/Page.php +38 -38
  3. readme.txt +7 -2
  4. wp-gdpr-compliance.php +7 -2
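--- a/Includes/Helper.php
+++ b/Includes/Helper.php
@@ -405,6 +405,11 @@ class Helper {
  }
  // Generate ipv4 network address
  $ipAddress = ip2long($ipAddress);
+
+ if ($ipAddress === false) {
+ return false;
+ }
+
  // If the ip is set and not equivalent to 255.255.255.255
  if ($ipAddress !== false && $ipAddress !== -1) {
  /**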
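Review bot: With the new early `return false` after `ip2long()`, the `$ipAddress !== false` half of the condition on new line 414 can never fail, so the guard reads as if a second failure path still existed; it could be reduced to `if ($ipAddress !== -1) {`. `ip2long()` returns false for IPv6 addresses as well as malformed input, so callers now get `false` for every IPv6 visitor; whether they handle that value is not visible, because the function starts and ends outside the hunk. A comment on the early return such as `// ip2long() returns false for IPv6 and malformed input` would record why the bail-out is there.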
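--- a/Includes/Page.php
+++ b/Includes/Page.php
@@ -346,13 +346,13 @@ class Page {
  $privacyPolicyLink = esc_html(Integration::getPrivacyPolicyLink());
  $enableAccessRequest = Helper::isEnabled('enable_access_request', 'settings');
  $accessRequestPage = get_option($optionNameAccessRequestPage);
- $accessRequestFormCheckboxText = Integration::getAccessRequestFormCheckboxText(false);
- $deleteRequestFormExplanationText = Integration::getDeleteRequestFormExplanationText(false);
- $consentsBarExplanationText = Consent::getBarExplanationText();
- $consentsBarMoreInformationText = Consent::getBarMoreInformationText();
- $consentsBarButtonText = Consent::getBarButtonText();
+ $accessRequestFormCheckboxText = esc_html(Integration::getAccessRequestFormCheckboxText(false));
+ $deleteRequestFormExplanationText = esc_html(Integration::getDeleteRequestFormExplanationText(false));
+ $consentsBarExplanationText = esc_html(Consent::getBarExplanationText());
+ $consentsBarMoreInformationText = esc_html(Consent::getBarMoreInformationText());
+ $consentsBarButtonText = esc_html(Consent::getBarButtonText());
  $consentsModalTitle = Consent::getModalTitle();
- $consentsModalExplanationText = Consent::getModalExplanationText();
+ $consentsModalExplanationText = esc_html(Consent::getModalExplanationText());
  ?>
  <form method="post" action="<?php echo admin_url('options.php'); ?>" novalidate="novalidate">
  <?php settings_fields(WP_GDPR_C_SLUG . '_settings'); ?>
@@ -426,7 +426,7 @@ class Page {
  <div class="wpgdprc-options">
  <input type="text" name="<?php echo $optionNamePrivacyPolicyText; ?>" class="regular-text"
  id="<?php echo $optionNamePrivacyPolicyText; ?>"
- placeholder="<?php echo $privacyPolicyText; ?>" value="<?php echo $privacyPolicyText; ?>"/>
+ placeholder="<?php echo esc_html($privacyPolicyText); ?>" value="<?php echo esc_html($privacyPolicyText); ?>"/>
  </div>
  </div>
  <p><strong><?php _e('Request User Data', WP_GDPR_C_SLUG); ?></strong></p>
@@ -480,8 +480,8 @@ class Page {
  <div class="wpgdprc-options">
  <input type="text" name="<?php echo $optionNameAccessRequestFormCheckboxText; ?>"
  class="regular-text" id="<?php echo $optionNameAccessRequestFormCheckboxText; ?>"
- placeholder="<?php echo $accessRequestFormCheckboxText; ?>"
- value="<?php echo $accessRequestFormCheckboxText; ?>"/>
+ placeholder="<?php echo esc_html($accessRequestFormCheckboxText); ?>"
+ value="<?php echo esc_html($accessRequestFormCheckboxText); ?>"/>
  </div>
  </div>
  <div class="wpgdprc-setting">
@@ -489,7 +489,7 @@ class Page {
  <div class="wpgdprc-options">
  <textarea name="<?php echo $optionNameDeleteRequestFormExplanationText; ?>" rows="5"
  id="<?php echo $optionNameAccessRequestFormCheckboxText; ?>"
- placeholder="<?php echo $deleteRequestFormExplanationText; ?>"><?php echo $deleteRequestFormExplanationText; ?></textarea>
+ placeholder="<?php echo esc_html($deleteRequestFormExplanationText); ?>"><?php echo esc_html($deleteRequestFormExplanationText); ?></textarea>
  <?php echo Helper::getAllowedHTMLTagsOutput(); ?>
  </div>
  </div>
@@ -515,29 +515,29 @@ class Page {
  </div>
  </div>
  <div class="wpgdprc-setting">
- <label for="<?php echo htmlspecialchars($optionNameConsentsBarExplanationText); ?>"><?php _e('Bar: Explanation', WP_GDPR_C_SLUG); ?></label>
+ <label for="<?php echo esc_html($optionNameConsentsBarExplanationText); ?>"><?php _e('Bar: Explanation', WP_GDPR_C_SLUG); ?></label>
  <div class="wpgdprc-options">
- <textarea name="<?php echo htmlspecialchars($optionNameConsentsBarExplanationText); ?>" rows="2"
- id="<?php echo htmlspecialchars($optionNameConsentsBarExplanationText); ?>"
- placeholder="<?php echo htmlspecialchars($consentsBarExplanationText); ?>"><?php echo htmlspecialchars($consentsBarExplanationText); ?></textarea>
+ <textarea name="<?php echo esc_html($optionNameConsentsBarExplanationText); ?>" rows="2"
+ id="<?php echo esc_html($optionNameConsentsBarExplanationText); ?>"
+ placeholder="<?php echo esc_html($consentsBarExplanationText); ?>"><?php echo esc_html($consentsBarExplanationText); ?></textarea>
  </div>
  </div>
  <div class="wpgdprc-setting">
- <label for="<?php echo htmlspecialchars($optionNameConsentsBarMoreInformationText); ?>"><?php _e('Bar: More Information Text', WP_GDPR_C_SLUG); ?></label>
+ <label for="<?php echo esc_html($optionNameConsentsBarMoreInformationText); ?>"><?php _e('Bar: More Information Text', WP_GDPR_C_SLUG); ?></label>
  <div class="wpgdprc-options">
- <input type="text" name="<?php echo htmlspecialchars($optionNameConsentsBarMoreInformationText); ?>"
- class="regular-text" id="<?php echo htmlspecialchars($optionNameConsentsBarMoreInformationText); ?>"
- placeholder="<?php echo htmlspecialchars($consentsBarMoreInformationText); ?>"
- value="<?php echo htmlspecialchars($consentsBarMoreInformationText); ?>"/>
+ <input type="text" name="<?php echo esc_html($optionNameConsentsBarMoreInformationText); ?>"
+ class="regular-text" id="<?php echo esc_html($optionNameConsentsBarMoreInformationText); ?>"
+ placeholder="<?php echo esc_html($consentsBarMoreInformationText); ?>"
+ value="<?php echo esc_html($consentsBarMoreInformationText); ?>"/>
  </div>
  </div>
  <div class="wpgdprc-setting">
- <label for="<?php echo htmlspecialchars($optionNameConsentsBarButtonText); ?>"><?php _e('Bar: Accept Button Text', WP_GDPR_C_SLUG); ?></label>
+ <label for="<?php echo esc_html($optionNameConsentsBarButtonText); ?>"><?php _e('Bar: Accept Button Text', WP_GDPR_C_SLUG); ?></label>
  <div class="wpgdprc-options">
- <input type="text" name="<?php echo htmlspecialchars($optionNameConsentsBarButtonText); ?>"
- class="regular-text" id="<?php echo htmlspecialchars($optionNameConsentsBarButtonText); ?>"
- placeholder="<?php echo htmlspecialchars($consentsBarButtonText); ?>"
- value="<?php echo htmlspecialchars($consentsBarButtonText); ?>"/>
+ <input type="text" name="<?php echo esc_html($optionNameConsentsBarButtonText); ?>"
+ class="regular-text" id="<?php echo esc_html($optionNameConsentsBarButtonText); ?>"
+ placeholder="<?php echo esc_html($consentsBarButtonText); ?>"
+ value="<?php echo esc_html($consentsBarButtonText); ?>"/>
  </div>
  </div>
  <div class="wpgdprc-setting">
@@ -571,20 +571,20 @@ class Page {
  </div>
  </div>
  <div class="wpgdprc-setting">
- <label for="<?php echo htmlspecialchars($optionNameConsentsModalTitle); ?>"><?php _e('Modal: Title', WP_GDPR_C_SLUG); ?></label>
+ <label for="<?php echo esc_html($optionNameConsentsModalTitle); ?>"><?php _e('Modal: Title', WP_GDPR_C_SLUG); ?></label>
  <div class="wpgdprc-options">
- <input type="text" name="<?php echo htmlspecialchars($optionNameConsentsModalTitle); ?>"
- class="regular-text" id="<?php echo htmlspecialchars($optionNameConsentsModalTitle); ?>"
- placeholder="<?php echo htmlspecialchars($consentsModalTitle); ?>"
- value="<?php echo htmlspecialchars($consentsModalTitle); ?>"/>
+ <input type="text" name="<?php echo esc_html($optionNameConsentsModalTitle); ?>"
+ class="regular-text" id="<?php echo esc_html($optionNameConsentsModalTitle); ?>"
+ placeholder="<?php echo esc_html($consentsModalTitle); ?>"
+ value="<?php echo esc_html($consentsModalTitle); ?>"/>
  </div>
  </div>
  <div class="wpgdprc-setting">
- <label for="<?php echo htmlspecialchars($optionNameConsentsModalExplanationText); ?>"><?php _e('Modal: Explanation', WP_GDPR_C_SLUG); ?></label>
+ <label for="<?php echo esc_html($optionNameConsentsModalExplanationText); ?>"><?php _e('Modal: Explanation', WP_GDPR_C_SLUG); ?></label>
  <div class="wpgdprc-options">
- <textarea name="<?php echo htmlspecialchars($optionNameConsentsModalExplanationText); ?>" rows="5"
- id="<?php echo htmlspecialchars($optionNameConsentsModalExplanationText); ?>"
- placeholder="<?php echo htmlspecialchars($consentsModalExplanationText); ?>"><?php echo htmlspecialchars($consentsModalExplanationText); ?></textarea>
+ <textarea name="<?php echo esc_html($optionNameConsentsModalExplanationText); ?>" rows="5"
+ id="<?php echo esc_html($optionNameConsentsModalExplanationText); ?>"
+ placeholder="<?php echo esc_html($consentsModalExplanationText); ?>"><?php echo esc_html($consentsModalExplanationText); ?></textarea>
  <?php echo Helper::getAllowedHTMLTagsOutput(); ?>
  </div>
  </div>
@@ -637,7 +637,7 @@ class Page {
  <label for="wpgdprc_title"><?php _e('Title', WP_GDPR_C_SLUG); ?></label>
  <div class="wpgdprc-options">
  <input type="text" name="title" class="regular-text" id="wpgdprc_title"
- value="<?php echo $consent->getTitle(); ?>" required="required"/>
+ value="<?php echo esc_html($consent->getTitle()); ?>" required="required"/>
  <div class="wpgdprc-information">
  <p><?php _e('e.g. "Google Analytics" or "Advertising"', WP_GDPR_C_SLUG); ?></p>
  </div>
@@ -648,7 +648,7 @@ class Page {
  <div class="wpgdprc-options">
  <textarea name="description" id="wpgdprc_description" rows="5" autocomplete="false"
  autocorrect="false" autocapitalize="false"
- spellcheck="false"><?php echo $consent->getDescription(); ?></textarea>
+ spellcheck="false"><?php echo esc_html($consent->getDescription()); ?></textarea>
  <div class="wpgdprc-information">
  <p><?php _e('Describe your consent script as thoroughly as possible. %privacy_policy% will not work.', WP_GDPR_C_SLUG); ?></p>
  </div>
@@ -902,7 +902,7 @@ class Page {
  data-id="<?php echo $request->getId(); ?>">
  <td><?php printf('#%d', $request->getId()); ?></td>
  <td><?php echo $request->getNiceTypeLabel(); ?></td>
- <td><?php echo $request->getIpAddress(); ?></td>
+ <td><?php echo esc_html($request->getIpAddress()); ?></td>
  <td><?php echo $request->getDateCreated(); ?></td>
  <td>
  <span class="dashicons dashicons-<?php echo ($request->getProcessed()) ? 'yes' : 'no'; ?>"></span>
@@ -1016,8 +1016,8 @@ class Page {
  }
  ?>
  </td>
- <td><?php echo $request->getEmailAddress(); ?></td>
- <td><?php echo $request->getIpAddress(); ?></td>
+ <td><?php echo esc_html($request->getEmailAddress()); ?></td>
+ <td><?php echo esc_html($request->getIpAddress()); ?></td>
  <td><?php echo $request->getDateCreated(); ?></td>
  <td><?php echo ($request->getExpired()) ? __('Expired', WP_GDPR_C_SLUG) : __('Active', WP_GDPR_C_SLUG); ?></td>
  </tr>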
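Review bot: The new calls use `esc_html()` inside attribute values (`placeholder`, `value`, `name`, `id`, `for`) and inside `<textarea>` bodies, where WordPress provides `esc_attr()` and `esc_textarea()` for those contexts, e.g. `value="<?php echo esc_attr($consentsModalTitle); ?>"` and `<?php echo esc_textarea($consentsModalExplanationText); ?></textarea>`. In the first hunk six texts are escaped at assignment and then again at every echo, while `$consentsModalTitle` is escaped only at output; escaping once, at the point of output, would make it easier to audit that no sink was missed. In the request tables (hunks at 902 and 1016) `getNiceTypeLabel()` and `getDateCreated()` are still echoed raw beside the newly escaped IP and e-mail columns; if those values can be influenced by a submitted request they need the same treatment, which cannot be confirmed from these hunks. The context line at 491 also gives the delete-request textarea the `id` of `$optionNameAccessRequestFormCheckboxText`, which looks like a copy-paste slip that duplicates the id of the input above it.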
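--- a/readme.txt
+++ b/readme.txt
@@ -2,9 +2,9 @@
  Contributors: van-ons
  Tags: gdpr, law, regulations, compliance, data, protection, privacy, data protection, eu, avg, comments, woocommerce, wc, contact form 7, cf7
  Requires at least: 4.5
- Tested up to: 5.6
+ Tested up to: 5.7
  Requires PHP: 5.3
- Stable tag: 1.5.5
+ Stable tag: 1.5.6
  License: GPLv2 or later
  License URI: https://www.gnu.org/licenses/gpl-2.0.html
 
@@ -44,6 +44,11 @@ You'll find answers to many of your questions on [https://www.wpgdprc.com/faq/](
 
  == Changelog ==
 
+ = 1.5.6 =
+ *Release date: February 15th, 2021*
+ * Added backwards compatibility for wp_make_content_images_responsive() on WordPress versions before 5.5.0
+ * Patched an XSS vulnerability (big thanks to Kamil Vavra for bringing this to our attention).
+
  = 1.5.5 =
  *Release date: December 18th, 2020*
  * Resolve deprecation notice for wp_make_content_images_responsive() since WordPress 5.5.0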
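--- a/wp-gdpr-compliance.php
+++ b/wp-gdpr-compliance.php
@@ -4,7 +4,7 @@
  Plugin Name: WP GDPR Compliance
  Plugin URI: https://www.wpgdprc.com/
  Description: This plugin assists website and webshop owners to comply with European privacy regulations known as GDPR. By May 24th, 2018 your website or shop has to comply to avoid large fines.
- Version: 1.5.5
+ Version: 1.5.6
  Author: Van Ons
  Author URI: https://www.van-ons.nl/
  License: GPL2
@@ -144,7 +144,12 @@ class WPGDPRC {
  add_filter('wpgdprc_the_content', 'convert_smilies', 20);
  add_filter('wpgdprc_the_content', 'wpautop');
  add_filter('wpgdprc_the_content', 'shortcode_unautop');
- add_filter('wpgdprc_the_content', 'wp_filter_content_tags');
+
+ if (version_compare(get_bloginfo('version'), '5.5', '>=')) {
+ add_filter('wpgdprc_the_content', 'wp_filter_content_tags');
+ } else {
+ add_filter('wpgdprc_the_content', 'wp_make_content_images_responsive');
+ }
  }
 
  public static function checkSession() {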
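Review bot: The branch on new line 148 chooses the callback by comparing the WordPress version string, although what it depends on is whether `wp_filter_content_tags()` is defined; `if (function_exists('wp_filter_content_tags')) {` tests that directly. A pre-release string such as `5.5-beta1` compares lower than `5.5` under `version_compare()`, so such a build would take the `else` branch and register the deprecated function even though the replacement exists. A comment above the branch, e.g. `// wp_filter_content_tags() replaced wp_make_content_images_responsive() in WP 5.5`, would explain why two callbacks appear. The enclosing method starts outside the hunk.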