Version Description
(2015-05-04) = * Bug Fixes * Fixed the monitoring of plugin updates for WordPress 4.2 Support Ticket * Fixed an issue where multiple plugin updates triggered by drop down menu were not being reported * Fixed a conflict with Magic Fields 2 plugin Support Ticket * Updated the escaping of add_query_arg() function which could result in a potential XSS
Download this release
Release Info
| Developer | WPWhiteSecurity |
| Plugin |  WP Security Audit Log |
| Version | 1.6.1 |
| Comparing to | |
| See all releases | |
Code changes from version 1.6.0 to 1.6.1
- classes/LicenseManager.php +2 -2
- classes/Sensors/MetaData.php +39 -48
- classes/Sensors/PluginsThemes.php +12 -14
- defaults.php +3 -3
- readme.txt +11 -2
- wp-security-audit-log.php +1 -1
classes/LicenseManager.php
CHANGED
|
@@ -102,7 +102,7 @@ class WSAL_LicenseManager {
|
|
| 102 |
$api_params['url'] = urlencode(get_home_url($blog_id));
|
| 103 |
|
| 104 |
$response = wp_remote_get(
|
| 105 |
-
add_query_arg($api_params, $this->GetStoreUrl()),
|
| 106 |
array('timeout' => 15, 'sslverify' => false)
|
| 107 |
);
|
| 108 |
|
|
@@ -158,7 +158,7 @@ class WSAL_LicenseManager {
|
|
| 158 |
$api_params['url'] = urlencode(get_home_url($blog_id));
|
| 159 |
|
| 160 |
$response = wp_remote_get(
|
| 161 |
-
add_query_arg($api_params, $this->GetStoreUrl()),
|
| 162 |
array('timeout' => 15, 'sslverify' => false)
|
| 163 |
);
|
| 164 |
|
| 102 |
$api_params['url'] = urlencode(get_home_url($blog_id));
|
| 103 |
|
| 104 |
$response = wp_remote_get(
|
| 105 |
+
esc_url_raw(add_query_arg($api_params, $this->GetStoreUrl())),
|
| 106 |
array('timeout' => 15, 'sslverify' => false)
|
| 107 |
);
|
| 108 |
|
| 158 |
$api_params['url'] = urlencode(get_home_url($blog_id));
|
| 159 |
|
| 160 |
$response = wp_remote_get(
|
| 161 |
+
esc_url_raw(add_query_arg($api_params, $this->GetStoreUrl())),
|
| 162 |
array('timeout' => 15, 'sslverify' => false)
|
| 163 |
);
|
| 164 |
|
classes/Sensors/MetaData.php
CHANGED
|
@@ -3,15 +3,15 @@
|
|
| 3 |
class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
|
| 4 |
|
| 5 |
public function HookEvents() {
|
| 6 |
-
add_action('
|
| 7 |
add_action('update_post_meta', array($this, 'EventPostMetaUpdating'), 10, 3);
|
| 8 |
add_action('updated_post_meta', array($this, 'EventPostMetaUpdated'), 10, 4);
|
| 9 |
-
add_action('deleted_post_meta', array($this, 'EventPostMetaDeleted'), 10,
|
| 10 |
}
|
| 11 |
|
| 12 |
protected $old_meta = array();
|
| 13 |
|
| 14 |
-
protected function CanLogPostMeta($
|
| 15 |
{
|
| 16 |
//check if excluded meta key or starts with _
|
| 17 |
if ( substr($meta_key, 0, 1) == '_' ) {
|
|
@@ -29,17 +29,16 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
|
|
| 29 |
return (in_array($custom, $customFields)) ? true : false;
|
| 30 |
}
|
| 31 |
|
| 32 |
-
public function EventPostMetaCreated($
|
| 33 |
$post = get_post($object_id);
|
| 34 |
-
|
| 35 |
-
if(!$this->CanLogPostMeta($
|
| 36 |
|
| 37 |
switch($post->post_type){
|
| 38 |
case 'page':
|
| 39 |
$this->plugin->alerts->Trigger(2059, array(
|
| 40 |
'PostID' => $object_id,
|
| 41 |
'PostTitle' => $post->post_title,
|
| 42 |
-
'MetaID' => $meta_id,
|
| 43 |
'MetaKey' => $meta_key,
|
| 44 |
'MetaValue' => $_meta_value,
|
| 45 |
'MetaLink' => $meta_key,
|
|
@@ -49,7 +48,6 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
|
|
| 49 |
$this->plugin->alerts->Trigger(2053, array(
|
| 50 |
'PostID' => $object_id,
|
| 51 |
'PostTitle' => $post->post_title,
|
| 52 |
-
'MetaID' => $meta_id,
|
| 53 |
'MetaKey' => $meta_key,
|
| 54 |
'MetaValue' => $_meta_value,
|
| 55 |
'MetaLink' => $meta_key,
|
|
@@ -60,7 +58,6 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
|
|
| 60 |
'PostID' => $object_id,
|
| 61 |
'PostTitle' => $post->post_title,
|
| 62 |
'PostType' => $post->post_type,
|
| 63 |
-
'MetaID' => $meta_id,
|
| 64 |
'MetaKey' => $meta_key,
|
| 65 |
'MetaValue' => $_meta_value,
|
| 66 |
'MetaLink' => $meta_key,
|
|
@@ -80,7 +77,7 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
|
|
| 80 |
public function EventPostMetaUpdated($meta_id, $object_id, $meta_key, $_meta_value){
|
| 81 |
$post = get_post($object_id);
|
| 82 |
|
| 83 |
-
if(!$this->CanLogPostMeta($
|
| 84 |
|
| 85 |
if(isset($this->old_meta[$meta_id])){
|
| 86 |
|
|
@@ -169,46 +166,40 @@ class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
|
|
| 169 |
}
|
| 170 |
}
|
| 171 |
|
| 172 |
-
public function EventPostMetaDeleted($
|
| 173 |
$post = get_post($object_id);
|
| 174 |
-
|
| 175 |
-
|
| 176 |
-
|
| 177 |
-
if(!$this->CanLogPostMeta($meta_id, $object_id, $meta_key))continue;
|
| 178 |
|
| 179 |
-
|
| 180 |
-
|
| 181 |
-
|
| 182 |
-
|
| 183 |
-
|
| 184 |
-
|
| 185 |
-
|
| 186 |
-
|
| 187 |
-
|
| 188 |
-
|
| 189 |
-
|
| 190 |
-
|
| 191 |
-
$
|
| 192 |
-
|
| 193 |
-
|
| 194 |
-
|
| 195 |
-
|
| 196 |
-
|
| 197 |
-
|
| 198 |
-
|
| 199 |
-
|
| 200 |
-
|
| 201 |
-
$
|
| 202 |
-
|
| 203 |
-
|
| 204 |
-
|
| 205 |
-
|
| 206 |
-
|
| 207 |
-
|
| 208 |
-
'MetaLink' => $meta_key,
|
| 209 |
-
));
|
| 210 |
-
break;
|
| 211 |
-
}
|
| 212 |
}
|
| 213 |
}
|
| 214 |
}
|
| 3 |
class WSAL_Sensors_MetaData extends WSAL_AbstractSensor {
|
| 4 |
|
| 5 |
public function HookEvents() {
|
| 6 |
+
add_action('add_post_meta', array($this, 'EventPostMetaCreated'), 10, 3);
|
| 7 |
add_action('update_post_meta', array($this, 'EventPostMetaUpdating'), 10, 3);
|
| 8 |
add_action('updated_post_meta', array($this, 'EventPostMetaUpdated'), 10, 4);
|
| 9 |
+
add_action('deleted_post_meta', array($this, 'EventPostMetaDeleted'), 10, 3);
|
| 10 |
}
|
| 11 |
|
| 12 |
protected $old_meta = array();
|
| 13 |
|
| 14 |
+
protected function CanLogPostMeta($object_id, $meta_key)
|
| 15 |
{
|
| 16 |
//check if excluded meta key or starts with _
|
| 17 |
if ( substr($meta_key, 0, 1) == '_' ) {
|
| 29 |
return (in_array($custom, $customFields)) ? true : false;
|
| 30 |
}
|
| 31 |
|
| 32 |
+
public function EventPostMetaCreated($object_id, $meta_key, $_meta_value){
|
| 33 |
$post = get_post($object_id);
|
| 34 |
+
|
| 35 |
+
if(!$this->CanLogPostMeta($object_id, $meta_key))return;
|
| 36 |
|
| 37 |
switch($post->post_type){
|
| 38 |
case 'page':
|
| 39 |
$this->plugin->alerts->Trigger(2059, array(
|
| 40 |
'PostID' => $object_id,
|
| 41 |
'PostTitle' => $post->post_title,
|
|
|
|
| 42 |
'MetaKey' => $meta_key,
|
| 43 |
'MetaValue' => $_meta_value,
|
| 44 |
'MetaLink' => $meta_key,
|
| 48 |
$this->plugin->alerts->Trigger(2053, array(
|
| 49 |
'PostID' => $object_id,
|
| 50 |
'PostTitle' => $post->post_title,
|
|
|
|
| 51 |
'MetaKey' => $meta_key,
|
| 52 |
'MetaValue' => $_meta_value,
|
| 53 |
'MetaLink' => $meta_key,
|
| 58 |
'PostID' => $object_id,
|
| 59 |
'PostTitle' => $post->post_title,
|
| 60 |
'PostType' => $post->post_type,
|
|
|
|
| 61 |
'MetaKey' => $meta_key,
|
| 62 |
'MetaValue' => $_meta_value,
|
| 63 |
'MetaLink' => $meta_key,
|
| 77 |
public function EventPostMetaUpdated($meta_id, $object_id, $meta_key, $_meta_value){
|
| 78 |
$post = get_post($object_id);
|
| 79 |
|
| 80 |
+
if(!$this->CanLogPostMeta($object_id, $meta_key))return;
|
| 81 |
|
| 82 |
if(isset($this->old_meta[$meta_id])){
|
| 83 |
|
| 166 |
}
|
| 167 |
}
|
| 168 |
|
| 169 |
+
public function EventPostMetaDeleted($object_id, $meta_id, $meta_key){
|
| 170 |
$post = get_post($object_id);
|
| 171 |
+
|
| 172 |
+
if(!$this->CanLogPostMeta($object_id, $meta_key))return;
|
|
|
|
|
|
|
| 173 |
|
| 174 |
+
switch($post->post_type){
|
| 175 |
+
case 'page':
|
| 176 |
+
$this->plugin->alerts->Trigger(2061, array(
|
| 177 |
+
'PostID' => $object_id,
|
| 178 |
+
'PostTitle' => $post->post_title,
|
| 179 |
+
'MetaID' => $meta_id,
|
| 180 |
+
'MetaKey' => $meta_key,
|
| 181 |
+
'MetaLink' => $meta_key,
|
| 182 |
+
));
|
| 183 |
+
break;
|
| 184 |
+
case 'post':
|
| 185 |
+
$this->plugin->alerts->Trigger(2055, array(
|
| 186 |
+
'PostID' => $object_id,
|
| 187 |
+
'PostTitle' => $post->post_title,
|
| 188 |
+
'MetaID' => $meta_id,
|
| 189 |
+
'MetaKey' => $meta_key,
|
| 190 |
+
'MetaLink' => $meta_key,
|
| 191 |
+
));
|
| 192 |
+
break;
|
| 193 |
+
default:
|
| 194 |
+
$this->plugin->alerts->Trigger(2058, array(
|
| 195 |
+
'PostID' => $object_id,
|
| 196 |
+
'PostTitle' => $post->post_title,
|
| 197 |
+
'PostType' => $post->post_type,
|
| 198 |
+
'MetaID' => $meta_id,
|
| 199 |
+
'MetaKey' => $meta_key,
|
| 200 |
+
'MetaLink' => $meta_key,
|
| 201 |
+
));
|
| 202 |
+
break;
|
|
|
|
|
|
|
|
|
|
|
|
|
| 203 |
}
|
| 204 |
}
|
| 205 |
}
|
classes/Sensors/PluginsThemes.php
CHANGED
|
@@ -20,8 +20,8 @@ class WSAL_Sensors_PluginsThemes extends WSAL_AbstractSensor {
|
|
| 20 |
}
|
| 21 |
|
| 22 |
public function EventAdminShutdown(){
|
| 23 |
-
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
|
| 24 |
-
$action = isset($_REQUEST['action2']) ? $_REQUEST['action2'] : $action;
|
| 25 |
$actype = basename($_SERVER['SCRIPT_NAME'], '.php');
|
| 26 |
$is_themes = $actype == 'themes';
|
| 27 |
$is_plugins = $actype == 'plugins';
|
|
@@ -49,7 +49,7 @@ class WSAL_Sensors_PluginsThemes extends WSAL_AbstractSensor {
|
|
| 49 |
),
|
| 50 |
));
|
| 51 |
}
|
| 52 |
-
|
| 53 |
// activate plugin
|
| 54 |
if($is_plugins && in_array($action, array('activate', 'activate-selected')) && current_user_can("activate_plugins")){
|
| 55 |
if(isset($_REQUEST['plugin'])){
|
|
@@ -72,7 +72,7 @@ class WSAL_Sensors_PluginsThemes extends WSAL_AbstractSensor {
|
|
| 72 |
));
|
| 73 |
}
|
| 74 |
}
|
| 75 |
-
|
| 76 |
// deactivate plugin
|
| 77 |
if($is_plugins && in_array($action, array('deactivate', 'deactivate-selected')) && current_user_can("activate_plugins")){
|
| 78 |
if(isset($_REQUEST['plugin'])){
|
|
@@ -120,17 +120,15 @@ class WSAL_Sensors_PluginsThemes extends WSAL_AbstractSensor {
|
|
| 120 |
}
|
| 121 |
|
| 122 |
// upgrade plugin
|
| 123 |
-
if(in_array($action, array('upgrade-plugin', 'update-selected')) && current_user_can("update_plugins")){
|
| 124 |
-
|
| 125 |
-
|
| 126 |
-
|
| 127 |
-
|
|
|
|
| 128 |
}
|
| 129 |
-
if(isset($
|
| 130 |
-
|
| 131 |
-
$_REQUEST['checked'] = array($_REQUEST['checked']);
|
| 132 |
-
}
|
| 133 |
-
foreach($_REQUEST['checked'] as $pluginFile){
|
| 134 |
$pluginFile = WP_PLUGIN_DIR . '/' . $pluginFile;
|
| 135 |
$pluginData = get_plugin_data($pluginFile, false, true);
|
| 136 |
$this->plugin->alerts->Trigger(5004, array(
|
| 20 |
}
|
| 21 |
|
| 22 |
public function EventAdminShutdown(){
|
| 23 |
+
$action = (isset($_REQUEST['action']) && $_REQUEST['action'] != "-1") ? $_REQUEST['action'] : '';
|
| 24 |
+
$action = (isset($_REQUEST['action2']) && $_REQUEST['action2'] != "-1") ? $_REQUEST['action2'] : $action;
|
| 25 |
$actype = basename($_SERVER['SCRIPT_NAME'], '.php');
|
| 26 |
$is_themes = $actype == 'themes';
|
| 27 |
$is_plugins = $actype == 'plugins';
|
| 49 |
),
|
| 50 |
));
|
| 51 |
}
|
| 52 |
+
|
| 53 |
// activate plugin
|
| 54 |
if($is_plugins && in_array($action, array('activate', 'activate-selected')) && current_user_can("activate_plugins")){
|
| 55 |
if(isset($_REQUEST['plugin'])){
|
| 72 |
));
|
| 73 |
}
|
| 74 |
}
|
| 75 |
+
|
| 76 |
// deactivate plugin
|
| 77 |
if($is_plugins && in_array($action, array('deactivate', 'deactivate-selected')) && current_user_can("activate_plugins")){
|
| 78 |
if(isset($_REQUEST['plugin'])){
|
| 120 |
}
|
| 121 |
|
| 122 |
// upgrade plugin
|
| 123 |
+
if(in_array($action, array('upgrade-plugin', 'update-plugin', 'update-selected')) && current_user_can("update_plugins")){
|
| 124 |
+
$plugins = array();
|
| 125 |
+
if(isset($_REQUEST['plugins'])){
|
| 126 |
+
$plugins = explode(",", $_REQUEST['plugins']);
|
| 127 |
+
} else if(isset($_REQUEST['plugin'])){
|
| 128 |
+
$plugins[] = $_REQUEST['plugin'];
|
| 129 |
}
|
| 130 |
+
if(isset($plugins)){
|
| 131 |
+
foreach($plugins as $pluginFile){
|
|
|
|
|
|
|
|
|
|
| 132 |
$pluginFile = WP_PLUGIN_DIR . '/' . $pluginFile;
|
| 133 |
$pluginData = get_plugin_data($pluginFile, false, true);
|
| 134 |
$this->plugin->alerts->Trigger(5004, array(
|
defaults.php
CHANGED
|
@@ -65,7 +65,7 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal){
|
|
| 65 |
array(2050, E_NOTICE, __('User removes post from sticky', 'wp-security-audit-log'), __('Removed the post %PostTitle% from Sticky', 'wp-security-audit-log')),
|
| 66 |
array(2053, E_NOTICE, __('User creates a custom field for a post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in post %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 67 |
array(2054, E_NOTICE, __('User updates a custom field value for a post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in post %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 68 |
-
array(2055, E_NOTICE, __('User deletes a custom field from a post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with
|
| 69 |
array(2062, E_NOTICE, __('User updates a custom field name for a post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in post %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 70 |
array(2065, E_WARNING, __('User modifies content for a published post', 'wp-security-audit-log'), __('Modified the content of published post %PostTitle%', 'wp-security-audit-log')),
|
| 71 |
array(2068, E_NOTICE, __('User modifies content for a draft post', 'wp-security-audit-log'), __('Modified the content of draft post %PostTitle%', 'wp-security-audit-log')),
|
|
@@ -87,7 +87,7 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal){
|
|
| 87 |
array(2048, E_CRITICAL, __('User changes the template of a page', 'wp-security-audit-log'), __('Changed the template of %PostTitle% page from %OldTemplate% to %NewTemplate%', 'wp-security-audit-log')),
|
| 88 |
array(2059, E_NOTICE, __('User creates a custom field for a page', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in page %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 89 |
array(2060, E_NOTICE, __('User updates a custom field value for a page', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in page %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 90 |
-
array(2061, E_NOTICE, __('User deletes a custom field from a page', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with
|
| 91 |
array(2064, E_NOTICE, __('User updates a custom field name for a page', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in page %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 92 |
array(2066, E_WARNING, __('User modifies content for a published page', 'wp-security-audit-log'), __('Modified the content of published page %PostTitle%', 'wp-security-audit-log')),
|
| 93 |
array(2069, E_NOTICE, __('User modifies content for a draft page', 'wp-security-audit-log'), __('Modified the content of draft page %PostTitle%', 'wp-security-audit-log')),
|
|
@@ -108,7 +108,7 @@ function wsaldefaults_wsal_init(WpSecurityAuditLog $wsal){
|
|
| 108 |
array(2041, E_NOTICE, __('User changed the date of post with custom post type', 'wp-security-audit-log'), __('Changed the date of custom post %PostTitle% of type %PostType% from %OldDate% to %NewDate%', 'wp-security-audit-log')),
|
| 109 |
array(2056, E_NOTICE, __('User creates a custom field for a custom post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in custom post %PostTitle% of type %PostType%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 110 |
array(2057, E_NOTICE, __('User updates a custom field for a custom post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in custom post %PostTitle% of type %PostType%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 111 |
-
array(2058, E_NOTICE, __('User deletes a custom field from a custom post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with
|
| 112 |
array(2063, E_NOTICE, __('User updates a custom field name for a custom post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in custom post %PostTitle% of type %PostType%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 113 |
array(2067, E_WARNING, __('User modifies content for a published custom post', 'wp-security-audit-log'), __('Modified the content of published custom post type %PostTitle%', 'wp-security-audit-log')),
|
| 114 |
array(2070, E_NOTICE, __('User modifies content for a draft custom post', 'wp-security-audit-log'), __('Modified the content of draft custom post type %PostTitle%', 'wp-security-audit-log')),
|
| 65 |
array(2050, E_NOTICE, __('User removes post from sticky', 'wp-security-audit-log'), __('Removed the post %PostTitle% from Sticky', 'wp-security-audit-log')),
|
| 66 |
array(2053, E_NOTICE, __('User creates a custom field for a post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in post %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 67 |
array(2054, E_NOTICE, __('User updates a custom field value for a post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in post %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 68 |
+
array(2055, E_NOTICE, __('User deletes a custom field from a post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with id %MetaID% from post %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 69 |
array(2062, E_NOTICE, __('User updates a custom field name for a post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in post %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 70 |
array(2065, E_WARNING, __('User modifies content for a published post', 'wp-security-audit-log'), __('Modified the content of published post %PostTitle%', 'wp-security-audit-log')),
|
| 71 |
array(2068, E_NOTICE, __('User modifies content for a draft post', 'wp-security-audit-log'), __('Modified the content of draft post %PostTitle%', 'wp-security-audit-log')),
|
| 87 |
array(2048, E_CRITICAL, __('User changes the template of a page', 'wp-security-audit-log'), __('Changed the template of %PostTitle% page from %OldTemplate% to %NewTemplate%', 'wp-security-audit-log')),
|
| 88 |
array(2059, E_NOTICE, __('User creates a custom field for a page', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in page %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 89 |
array(2060, E_NOTICE, __('User updates a custom field value for a page', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in page %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 90 |
+
array(2061, E_NOTICE, __('User deletes a custom field from a page', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with id %MetaID% from page %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 91 |
array(2064, E_NOTICE, __('User updates a custom field name for a page', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in page %PostTitle%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 92 |
array(2066, E_WARNING, __('User modifies content for a published page', 'wp-security-audit-log'), __('Modified the content of published page %PostTitle%', 'wp-security-audit-log')),
|
| 93 |
array(2069, E_NOTICE, __('User modifies content for a draft page', 'wp-security-audit-log'), __('Modified the content of draft page %PostTitle%', 'wp-security-audit-log')),
|
| 108 |
array(2041, E_NOTICE, __('User changed the date of post with custom post type', 'wp-security-audit-log'), __('Changed the date of custom post %PostTitle% of type %PostType% from %OldDate% to %NewDate%', 'wp-security-audit-log')),
|
| 109 |
array(2056, E_NOTICE, __('User creates a custom field for a custom post', 'wp-security-audit-log'), __('Created custom field %MetaKey% with value %MetaValue% in custom post %PostTitle% of type %PostType%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 110 |
array(2057, E_NOTICE, __('User updates a custom field for a custom post', 'wp-security-audit-log'), __('Modified the value of custom field %MetaKey% from %MetaValueOld% to %MetaValueNew% in custom post %PostTitle% of type %PostType%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 111 |
+
array(2058, E_NOTICE, __('User deletes a custom field from a custom post', 'wp-security-audit-log'), __('Deleted custom field %MetaKey% with id %MetaID% from custom post %PostTitle% of type %PostType%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 112 |
array(2063, E_NOTICE, __('User updates a custom field name for a custom post', 'wp-security-audit-log'), __('Changed the custom field name from %MetaKeyOld% to %MetaKeyNew% in custom post %PostTitle% of type %PostType%'.'%MetaLink%', 'wp-security-audit-log')),
|
| 113 |
array(2067, E_WARNING, __('User modifies content for a published custom post', 'wp-security-audit-log'), __('Modified the content of published custom post type %PostTitle%', 'wp-security-audit-log')),
|
| 114 |
array(2070, E_NOTICE, __('User modifies content for a draft custom post', 'wp-security-audit-log'), __('Modified the content of draft custom post type %PostTitle%', 'wp-security-audit-log')),
|
readme.txt
CHANGED
|
@@ -6,8 +6,8 @@ License: GPLv3
|
|
| 6 |
License URI: http://www.gnu.org/licenses/gpl.html
|
| 7 |
Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report
|
| 8 |
Requires at least: 3.6
|
| 9 |
-
Tested up to: 4.
|
| 10 |
-
Stable tag: 1.6.
|
| 11 |
|
| 12 |
Keep an WordPress audit log of all users' changes and other under the hood activity - Identify WordPress issues before they become security problems.
|
| 13 |
|
|
@@ -81,6 +81,7 @@ We need help translating the plugin and the WordPress Security Events. If you're
|
|
| 81 |
* Italian translation by [Leonardo Musumeci](http://leonardomusumeci.net/)
|
| 82 |
* German translation by [Mourad Louha](http://excel-translator.de)
|
| 83 |
* Romanian translations by [Artmotion Secure Servers](http://www.artmotion.eu)
|
|
|
|
| 84 |
* Spanish translation by Andrew Kurtis
|
| 85 |
|
| 86 |
= WordPress & PHP Errors Monitoring Tools =
|
|
@@ -111,6 +112,7 @@ WP Security Audit Log plugin also has a number of features that make WordPress a
|
|
| 111 |
* [WPLift](http://wplift.com/wordpress-event-tracking)
|
| 112 |
* [BlogVault](https://blogvault.net/wp-security-audit-log-plugin-review/)
|
| 113 |
* [MyWPExpert](http://www.mywpexpert.com/wp-security-audit-log/)
|
|
|
|
| 114 |
|
| 115 |
= Related Links and Documentation =
|
| 116 |
For more information and to get started with WordPress Security, check out the following:
|
|
@@ -178,6 +180,13 @@ Yes it is possible to exclude custom fields from being monitored. To exclude a c
|
|
| 178 |
|
| 179 |
== Changelog ==
|
| 180 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 181 |
= 1.6.0 (2015-04-16) =
|
| 182 |
* **New Security Alerts**
|
| 183 |
* 5010: plugin created new tables in the WordPress database
|
| 6 |
License URI: http://www.gnu.org/licenses/gpl.html
|
| 7 |
Tags: wordpress security plugin, wordpress security audit log, audit log, wordpress log, event log wordpress, wordpress user tracking, wordpress activity log, wordpress audit, security event log, audit trail, security audit trail, wordpress security alerts, wordpress monitor, wordpress security monitor, wordpress admin, wordpress admin monitoring, analytics, activity, admin, multisite, wordpress multisite, actions, dashboard, log, notification, wordpress monitoring, email notification, wordpress email alerts, tracking, user tracking, user activity report
|
| 8 |
Requires at least: 3.6
|
| 9 |
+
Tested up to: 4.2.1
|
| 10 |
+
Stable tag: 1.6.1
|
| 11 |
|
| 12 |
Keep an WordPress audit log of all users' changes and other under the hood activity - Identify WordPress issues before they become security problems.
|
| 13 |
|
| 81 |
* Italian translation by [Leonardo Musumeci](http://leonardomusumeci.net/)
|
| 82 |
* German translation by [Mourad Louha](http://excel-translator.de)
|
| 83 |
* Romanian translations by [Artmotion Secure Servers](http://www.artmotion.eu)
|
| 84 |
+
* Serbo-Croatian by [Andrijana Nikolic](http://webhostinggeeks.com/)
|
| 85 |
* Spanish translation by Andrew Kurtis
|
| 86 |
|
| 87 |
= WordPress & PHP Errors Monitoring Tools =
|
| 112 |
* [WPLift](http://wplift.com/wordpress-event-tracking)
|
| 113 |
* [BlogVault](https://blogvault.net/wp-security-audit-log-plugin-review/)
|
| 114 |
* [MyWPExpert](http://www.mywpexpert.com/wp-security-audit-log/)
|
| 115 |
+
* [Shout Me Loud](http://www.shoutmeloud.com/how-to-monitor-user-activities-wordpress-dashboard.html)
|
| 116 |
|
| 117 |
= Related Links and Documentation =
|
| 118 |
For more information and to get started with WordPress Security, check out the following:
|
| 180 |
|
| 181 |
== Changelog ==
|
| 182 |
|
| 183 |
+
= 1.6.1 (2015-05-04) =
|
| 184 |
+
* **Bug Fixes**
|
| 185 |
+
* Fixed the monitoring of plugin updates for WordPress 4.2 [Support Ticket](https://wordpress.org/support/topic/not-logging-plugin-updates-in-42)
|
| 186 |
+
* Fixed an issue where multiple plugin updates triggered by drop down menu were not being reported
|
| 187 |
+
* Fixed a conflict with Magic Fields 2 plugin [Support Ticket](https://wordpress.org/support/topic/major-conflict-with-magic-fields-2)
|
| 188 |
+
* Updated the escaping of add_query_arg() function which could result in a potential XSS
|
| 189 |
+
|
| 190 |
= 1.6.0 (2015-04-16) =
|
| 191 |
* **New Security Alerts**
|
| 192 |
* 5010: plugin created new tables in the WordPress database
|
wp-security-audit-log.php
CHANGED
|
@@ -4,7 +4,7 @@ Plugin Name: WP Security Audit Log
|
|
| 4 |
Plugin URI: http://www.wpwhitesecurity.com/wordpress-security-plugins/wp-security-audit-log/
|
| 5 |
Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
|
| 6 |
Author: WP White Security
|
| 7 |
-
Version: 1.6.
|
| 8 |
Text Domain: wp-security-audit-log
|
| 9 |
Author URI: http://www.wpwhitesecurity.com/
|
| 10 |
License: GPL2
|
| 4 |
Plugin URI: http://www.wpwhitesecurity.com/wordpress-security-plugins/wp-security-audit-log/
|
| 5 |
Description: Identify WordPress security issues before they become a problem. Keep track of everything happening on your WordPress including WordPress users activity. Similar to Windows Event Log and Linux Syslog, WP Security Audit Log generates a security alert for everything that happens on your WordPress blogs and websites. Use the Audit Log Viewer included in the plugin to see all the security alerts.
|
| 6 |
Author: WP White Security
|
| 7 |
+
Version: 1.6.1
|
| 8 |
Text Domain: wp-security-audit-log
|
| 9 |
Author URI: http://www.wpwhitesecurity.com/
|
| 10 |
License: GPL2
|
