YouTube Embed - Version 5.2.2

Version Description

  • Enhancement: A second attempt to fix that pesky vulnerability. Hopefully, all should now be well
Download this release

Release Info

Developer dartiss
Plugin Icon 128x128 YouTube Embed
Version 5.2.2
Comparing to
See all releases

Code changes from version 5.2 to 5.2.2

Files changed (5) hide show
  1. css/admin.css +17 -17
  2. css/main.css +16 -16
  3. includes/shortcodes.php +38 -38
  4. readme.txt +17 -9
  5. youtube-embed.php +2 -2
css/admin.css CHANGED
@@ -1,18 +1,18 @@
1
-
2
- .ye-container {
3
- position: relative;
4
- padding-bottom: 56.25%;
5
- padding-top: 0;
6
- height: 0;
7
- overflow: hidden;
8
- }
9
-
10
- .ye-container iframe,
11
- .ye-container object,
12
- .ye-container embed {
13
- position: absolute;
14
- top: 0;
15
- left: 0;
16
- width: 100%;
17
- height: 100%;
18
  }
 
 
 
 
 
 
 
 
 
 
1
+
2
+ .ye-container {
3
+ position: relative;
4
+ padding-bottom: 56.25%;
5
+ padding-top: 0;
6
+ height: 0;
7
+ overflow: hidden;
 
 
 
 
 
 
 
 
 
 
8
  }
9
+
10
+ .ye-container iframe,
11
+ .ye-container object,
12
+ .ye-container embed {
13
+ position: absolute;
14
+ top: 0;
15
+ left: 0;
16
+ width: 100%;
17
+ height: 100%;
18
+ }
css/main.css CHANGED
@@ -1,17 +1,17 @@
1
- .ye-container {
2
- position: relative;
3
- padding-bottom: 56.25%;
4
- padding-top: 0;
5
- height: 0;
6
- overflow: hidden;
7
- }
8
-
9
- .ye-container iframe,
10
- .ye-container object,
11
- .ye-container embed {
12
- position: absolute;
13
- top: 0;
14
- left: 0;
15
- width: 100%;
16
- height: 100%;
17
  }
 
 
 
 
 
 
 
 
 
 
1
+ .ye-container {
2
+ position: relative;
3
+ padding-bottom: 56.25%;
4
+ padding-top: 0;
5
+ height: 0;
6
+ overflow: hidden;
 
 
 
 
 
 
 
 
 
 
7
  }
8
+
9
+ .ye-container iframe,
10
+ .ye-container object,
11
+ .ye-container embed {
12
+ position: absolute;
13
+ top: 0;
14
+ left: 0;
15
+ width: 100%;
16
+ height: 100%;
17
+ }
includes/shortcodes.php CHANGED
@@ -187,34 +187,34 @@ function ye_video_shortcode( $paras = '', $content = '', $callback = '', $alt_sh
187
  // Create YouTube code.
188
 
189
  $array = array(
190
- 'id' => $content,
191
- 'width' => $width,
192
- 'height' => $height,
193
- 'fullscreen' => ye_convert( $fullscreen ),
194
- 'related' => ye_convert( $related ),
195
- 'autoplay' => ye_convert( $autoplay ),
196
- 'loop' => ye_convert( $loop ),
197
- 'start' => $start,
198
- 'info' => ye_convert( $info ),
199
- 'annotation' => ye_convert_3( $annotation ),
200
- 'cc' => ye_convert( $cc ),
201
- 'style' => $style,
202
- 'stop' => $stop,
203
- 'disablekb' => ye_convert( $disablekb ),
204
- 'ratio' => $ratio,
205
- 'controls' => $controls,
206
- 'profile' => $profile,
207
- 'list_style' => $list,
208
- 'template' => $template,
209
- 'color' => $color,
210
- 'responsive' => ye_convert( $responsive ),
211
- 'search' => ye_convert( $search ),
212
- 'user' => ye_convert( $user ),
213
- 'modest' => ye_convert( $modest ),
214
- 'playsinline' => ye_convert( $playsinline ),
215
- 'cc_lang' => $cc_lang,
216
- 'language' => $language,
217
- 'lazyload' => ye_convert( $lazyload ),
218
  );
219
 
220
  $youtube_code = ye_generate_youtube_code( $array );
@@ -253,16 +253,16 @@ function ye_thumbnail_sc( $paras = '', $content = '' ) {
253
  );
254
 
255
  $array = array(
256
- 'id' => $content,
257
- 'style' => $style,
258
- 'class' => $class,
259
- 'rel' => $rel,
260
- 'target' => $target,
261
- 'width' => $width,
262
- 'height' => $height,
263
- 'alt' => $alt,
264
- 'version' => $version,
265
- 'nolink' => $nolink,
266
  );
267
 
268
  return do_shortcode( ye_generate_thumbnail_code( $array ) );
187
  // Create YouTube code.
188
 
189
  $array = array(
190
+ 'id' => esc_attr( $content ),
191
+ 'width' => esc_attr( $width ),
192
+ 'height' => esc_attr( $height ),
193
+ 'fullscreen' => ye_convert( esc_attr( $fullscreen ) ),
194
+ 'related' => ye_convert( esc_attr( $related ) ),
195
+ 'autoplay' => ye_convert( esc_attr( $autoplay ) ),
196
+ 'loop' => ye_convert( esc_attr( $loop ) ),
197
+ 'start' => esc_attr( $start ),
198
+ 'info' => ye_convert( esc_attr( $info ) ),
199
+ 'annotation' => ye_convert_3( esc_attr( $annotation ) ),
200
+ 'cc' => ye_convert( esc_attr( $cc ) ),
201
+ 'style' => esc_attr( $style ),
202
+ 'stop' => esc_attr( $stop ),
203
+ 'disablekb' => ye_convert( esc_attr( $disablekb ) ),
204
+ 'ratio' => esc_attr( $ratio ),
205
+ 'controls' => esc_attr( $controls ),
206
+ 'profile' => esc_attr( $profile ),
207
+ 'list_style' => esc_attr( $list ),
208
+ 'template' => esc_attr( $template ),
209
+ 'color' => esc_attr( $color ),
210
+ 'responsive' => ye_convert( esc_attr( $responsive ) ),
211
+ 'search' => ye_convert( esc_attr( $search ) ),
212
+ 'user' => ye_convert( esc_attr( $user ) ),
213
+ 'modest' => ye_convert( esc_attr( $modest ) ),
214
+ 'playsinline' => ye_convert( esc_attr( $playsinline ) ),
215
+ 'cc_lang' => esc_attr( $cc_lang ),
216
+ 'language' => esc_attr( $language ),
217
+ 'lazyload' => ye_convert( esc_attr( $lazyload ) ),
218
  );
219
 
220
  $youtube_code = ye_generate_youtube_code( $array );
253
  );
254
 
255
  $array = array(
256
+ 'id' => esc_attr( $content ),
257
+ 'style' => esc_attr( $style ),
258
+ 'class' => esc_attr( $class ),
259
+ 'rel' => esc_attr( $rel ),
260
+ 'target' => esc_attr( $target ),
261
+ 'width' => esc_attr( $width ),
262
+ 'height' => esc_attr( $height ),
263
+ 'alt' => esc_attr( $alt ),
264
+ 'version' => esc_attr( $version ),
265
+ 'nolink' => esc_attr( $nolink ),
266
  );
267
 
268
  return do_shortcode( ye_generate_thumbnail_code( $array ) );
readme.txt CHANGED
@@ -3,13 +3,13 @@ Contributors: dartiss
3
  Donate link: https://artiss.blog/donate
4
  Tags: embed, insert, video, youtube
5
  Requires at least: 4.6
6
- Tested up to: 5.4
7
  Requires PHP: 5.3
8
- Stable tag: 5.2
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
12
- An incredibly fast, simple, yet powerful, method of embedding YouTube videos into your WordPress site.
13
 
14
  == Description ==
15
 
@@ -29,8 +29,10 @@ Key features include...
29
  * [iFrame Resizer](https://github.com/davidjbradshaw/iframe-resizer "iFrame Resizer") and [FitVids.js](https://github.com/davatron5000/FitVids.js "FitVids.js") supported to improve content resizing
30
  * Works "out of the box" with 4K, 60FPS and Chromecast - stream your embedded videos to your TV!
31
  * And much, much more!
32
-
33
- Please visit the [Github page](https://github.com/dartiss/youtube-embed "Github") for the latest code development, planned enhancements and known issues.
 
 
34
 
35
  == 🚦 Getting Started ==
36
 
@@ -323,8 +325,14 @@ Before reporting it please bear in mind that this plugin uses the standard YouTu
323
  7. The third party plugins menu
324
 
325
  == Changelog ==
326
-
327
- 🔢 [Learn more about my version numbering methodology](https://artiss.blog/2016/09/wordpress-plugin-versioning/ "WordPress Plugin Versioning")
 
 
 
 
 
 
328
 
329
  = 5.2 =
330
  * Enhancement: What have I been doing during the pandemic? Picking through this code and resolving coding standards. Sigh. There's a LOT. Not all are done but will be in future updates but, for now, the majority are. Based on the amount of code I've had to change, I'm worried I've broken something. But, you know, every day's a school day and this has taught me a LOT
@@ -561,5 +569,5 @@ Before reporting it please bear in mind that this plugin uses the standard YouTu
561
 
562
  == Upgrade Notice ==
563
 
564
- = 5.2 =
565
- * Native lazy loading is a go! And lots of code quality tweaks that you won't notice unless you crack open the source code...
3
  Donate link: https://artiss.blog/donate
4
  Tags: embed, insert, video, youtube
5
  Requires at least: 4.6
6
+ Tested up to: 5.8
7
  Requires PHP: 5.3
8
+ Stable tag: 5.2.2
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
12
+ 🎥 An incredibly fast, simple, yet powerful, method of embedding YouTube videos into your WordPress site.
13
 
14
  == Description ==
15
 
29
  * [iFrame Resizer](https://github.com/davidjbradshaw/iframe-resizer "iFrame Resizer") and [FitVids.js](https://github.com/davatron5000/FitVids.js "FitVids.js") supported to improve content resizing
30
  * Works "out of the box" with 4K, 60FPS and Chromecast - stream your embedded videos to your TV!
31
  * And much, much more!
32
+
33
+ Iconography is courtesy of the very talented [Janki Rathod](https://www.fiverr.com/jankirathore) ♥️
34
+
35
+ 👉 Please visit the [Github page](https://github.com/dartiss/youtube-embe "Github") for the latest code development, planned enhancements and known issues 👈
36
 
37
  == 🚦 Getting Started ==
38
 
325
  7. The third party plugins menu
326
 
327
  == Changelog ==
328
+
329
+ I use semantic versioning, with the first release being 1.0.
330
+
331
+ = 5.2.2 =
332
+ * Enhancement: A second attempt to fix that pesky vulnerability. Hopefully, all should now be well
333
+
334
+ = 5.2.1 =
335
+ * Enhancement: Fixed a security vulnerability where the shortcode attributes not being escaped/validated. Thanks to [apple502j](https://github.com/apple502j) for reporting this, via [WPScan](http://wpscan.com/)
336
 
337
  = 5.2 =
338
  * Enhancement: What have I been doing during the pandemic? Picking through this code and resolving coding standards. Sigh. There's a LOT. Not all are done but will be in future updates but, for now, the majority are. Based on the amount of code I've had to change, I'm worried I've broken something. But, you know, every day's a school day and this has taught me a LOT
569
 
570
  == Upgrade Notice ==
571
 
572
+ = 5.2.2 =
573
+ * A security vulnerability in the shortcode attributes has been fixed. You can breathe easy once more
youtube-embed.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: YouTube Embed
4
  Plugin URI: https://github.com/dartiss/youtube-embed
5
  Description: An incredibly fast, simple, yet powerful, method of embedding YouTube videos into your WordPress site.
6
- Version: 5.2
7
  Author: dartiss
8
  Author URI: https://artiss.blog
9
  Text Domain: youtube-embed
@@ -11,7 +11,7 @@ Text Domain: youtube-embed
11
  @package youtube-embed
12
  */
13
 
14
- define( 'YOUTUBE_EMBED_VERSION', '5.2' );
15
 
16
  $functions_dir = plugin_dir_path( __FILE__ ) . 'includes/';
17
 
3
  Plugin Name: YouTube Embed
4
  Plugin URI: https://github.com/dartiss/youtube-embed
5
  Description: An incredibly fast, simple, yet powerful, method of embedding YouTube videos into your WordPress site.
6
+ Version: 5.2.2
7
  Author: dartiss
8
  Author URI: https://artiss.blog
9
  Text Domain: youtube-embed
11
  @package youtube-embed
12
  */
13
 
14
+ define( 'YOUTUBE_EMBED_VERSION', '5.2.2' );
15
 
16
  $functions_dir = plugin_dir_path( __FILE__ ) . 'includes/';
17