Version Description
- Fixed add_query_arg vulnerability
Download this release
Release Info
| Developer | MyThemeShop |
| Plugin |  WP Subscribe |
| Version | 1.0.3 |
| Comparing to | |
| See all releases | |
Code changes from version 1.0.2 to 1.0.3
- readme.txt +4 -1
- wp-subscribe.php +4 -4
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Creator's website link: http://mythemeshop.com/plugins/wp-subscribe/
|
|
| 4 |
Tags: subscribe, subscription, subscription box, newsletter, subscribe widget, mailchimp, aweber, feedburner,
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 4.2
|
| 7 |
-
Stable tag: 1.0.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -72,6 +72,9 @@ Please disable all plugins and check if plugin is working properly. Then you can
|
|
| 72 |
|
| 73 |
== Changelog ==
|
| 74 |
|
|
|
|
|
|
|
|
|
|
| 75 |
= 1.0.2 =
|
| 76 |
* Added double opt-in possibility for Mailchimp
|
| 77 |
|
| 4 |
Tags: subscribe, subscription, subscription box, newsletter, subscribe widget, mailchimp, aweber, feedburner,
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 4.2
|
| 7 |
+
Stable tag: 1.0.3
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 72 |
|
| 73 |
== Changelog ==
|
| 74 |
|
| 75 |
+
= 1.0.3 =
|
| 76 |
+
* Fixed add_query_arg vulnerability
|
| 77 |
+
|
| 78 |
= 1.0.2 =
|
| 79 |
* Added double opt-in possibility for Mailchimp
|
| 80 |
|
wp-subscribe.php
CHANGED
|
@@ -4,7 +4,7 @@ Plugin Name: WP Subscribe
|
|
| 4 |
Plugin URI: http://mythemeshop.com/plugins/wp-subscribe/
|
| 5 |
Description: WP Subscribe is a simple but powerful subscription plugin which supports MailChimp, Aweber and Feedburner.
|
| 6 |
Author: MyThemeShop
|
| 7 |
-
Version: 1.0.
|
| 8 |
Author URI: http://mythemeshop.com/
|
| 9 |
*/
|
| 10 |
|
|
@@ -92,7 +92,7 @@ class wp_subscribe extends WP_Widget {
|
|
| 92 |
<?php } elseif ($instance['service'] == 'mailchimp') { ?>
|
| 93 |
|
| 94 |
<?php if (empty($_POST['mailchimp_email']) || (!empty($_POST['widget_id']) && $_POST['widget_id'] != $this->id)) { ?>
|
| 95 |
-
<form action="<?php echo add_query_arg('mailchimp_signup', '1'); ?>" method="post">
|
| 96 |
<input class="email-field" type="text" value="" placeholder="<?php echo $instance['email_placeholder']; ?>" name="mailchimp_email">
|
| 97 |
<input class="submit" name="submit" type="submit" value="<?php echo $instance['button_text']; ?>">
|
| 98 |
<input type="hidden" name="widget_id" value="<?php echo $this->id ?>" />
|
|
@@ -115,8 +115,8 @@ class wp_subscribe extends WP_Widget {
|
|
| 115 |
<div style="display: none;">
|
| 116 |
<input type="hidden" name="meta_split_id" value="" />
|
| 117 |
<input type="hidden" name="listname" value="" />
|
| 118 |
-
<input type="hidden" name="redirect" value="<?php echo add_query_arg('aweber_signedup', '1'); ?>" />
|
| 119 |
-
<input type="hidden" name="meta_redirect_onlist" value="<?php echo add_query_arg('aweber_signedup', '-1'); ?>" />
|
| 120 |
</div>
|
| 121 |
<input class="email-field" type="text" value="" placeholder="<?php echo $instance['email_placeholder']; ?>" name="email">
|
| 122 |
<input class="submit" name="submit" type="submit" value="<?php echo $instance['button_text']; ?>">
|
| 4 |
Plugin URI: http://mythemeshop.com/plugins/wp-subscribe/
|
| 5 |
Description: WP Subscribe is a simple but powerful subscription plugin which supports MailChimp, Aweber and Feedburner.
|
| 6 |
Author: MyThemeShop
|
| 7 |
+
Version: 1.0.3
|
| 8 |
Author URI: http://mythemeshop.com/
|
| 9 |
*/
|
| 10 |
|
| 92 |
<?php } elseif ($instance['service'] == 'mailchimp') { ?>
|
| 93 |
|
| 94 |
<?php if (empty($_POST['mailchimp_email']) || (!empty($_POST['widget_id']) && $_POST['widget_id'] != $this->id)) { ?>
|
| 95 |
+
<form action="<?php echo esc_url(add_query_arg('mailchimp_signup', '1')); ?>" method="post">
|
| 96 |
<input class="email-field" type="text" value="" placeholder="<?php echo $instance['email_placeholder']; ?>" name="mailchimp_email">
|
| 97 |
<input class="submit" name="submit" type="submit" value="<?php echo $instance['button_text']; ?>">
|
| 98 |
<input type="hidden" name="widget_id" value="<?php echo $this->id ?>" />
|
| 115 |
<div style="display: none;">
|
| 116 |
<input type="hidden" name="meta_split_id" value="" />
|
| 117 |
<input type="hidden" name="listname" value="" />
|
| 118 |
+
<input type="hidden" name="redirect" value="<?php echo esc_url(add_query_arg('aweber_signedup', '1')); ?>" />
|
| 119 |
+
<input type="hidden" name="meta_redirect_onlist" value="<?php echo esc_url(add_query_arg('aweber_signedup', '-1')); ?>" />
|
| 120 |
</div>
|
| 121 |
<input class="email-field" type="text" value="" placeholder="<?php echo $instance['email_placeholder']; ?>" name="email">
|
| 122 |
<input class="submit" name="submit" type="submit" value="<?php echo $instance['button_text']; ?>">
|
