WordPress.org
Get WordPress

Plugin Directory

Changeset 2923581


Ignore:
Timestamp:
06/08/2023 05:44:10 PM (3 years ago)
Author:
lanacodes
Message:

Version update

Location:
lana-email-logger/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • lana-email-logger/trunk/assets/css/lana-email-logger-admin.css

    r2642710 r2923581  
    88body.admin_page_lana-email-view #poststuff #post-body-content pre {
    99    font-family: inherit;
     10    overflow: auto;
    1011}
    1112

  • lana-email-logger/trunk/includes/class-lana-email-logger-logs-list-table.php

    r2642710 r2923581  
    8686     */
    8787    public function column_cb( $item ) {
    88         return sprintf( '<input type="checkbox" name="lana_email_logger_log[]" value="%s" />', $item->id );
     88        return sprintf( '<input type="checkbox" name="lana_email_logger_log[]" value="%s" />', esc_attr( $item->id ) );
    8989    }
    9090
     
    100100        $log_view_url = esc_url( admin_url( 'admin.php?page=lana-email-view.php&id=' . $item->id ) );
    101101
    102         return sprintf( '<a href="%s">#%s &ndash; %s</a>', $log_view_url, $item->id, $item->subject );
     102        return sprintf( '<a href="%s">#%s &ndash; %s</a>', $log_view_url, esc_html( $item->id ), esc_html( $item->subject ) );
    103103    }
    104104
     
    121121        $user_edit_url = esc_url( admin_url( 'user-edit.php?user_id=' . $user->ID ) );
    122122
    123         return sprintf( '<a href="%s">%s &ndash; %s</a>', $user_edit_url, $user->user_login, $user->user_email );
     123        return sprintf( '<a href="%s">%s &ndash; %s</a>', $user_edit_url, esc_html( $user->user_login ), esc_html( $user->user_email ) );
    124124    }
    125125
     
    132132     */
    133133    public function column_email_to( $item ) {
    134         return $item->email_to;
     134        return esc_html( $item->email_to );
    135135    }
    136136
     
    150150        $date_content = sprintf( __( '%s ago', 'lana-email-logger' ), human_time_diff( strtotime( $item->date ), current_time( 'timestamp' ) ) );
    151151
    152         return sprintf( '<time title="%s">%s</time>', $date_title, $date_content );
     152        return sprintf( '<time title="%s">%s</time>', esc_attr( $date_title ), esc_html( $date_content ) );
    153153    }
    154154

  • lana-email-logger/trunk/lana-email-logger.php

    r2740125 r2923581  
    22/**
    33 * Plugin Name: Lana Email Logger
    4  * Plugin URI: http://lana.codes/lana-product/lana-email-logger/
     4 * Plugin URI: https://lana.codes/product/lana-email-logger/
    55 * Description: Logs all emails sent by WordPress.
    6  * Version: 1.0.2
     6 * Version: 1.1.0
    77 * Author: Lana Codes
    8  * Author URI: http://lana.codes/
     8 * Author URI: https://lana.codes/
    99 * Text Domain: lana-email-logger
    1010 * Domain Path: /languages
     
    1212
    1313defined( 'ABSPATH' ) or die();
    14 define( 'LANA_EMAIL_LOGGER_VERSION', '1.0.2' );
     14define( 'LANA_EMAIL_LOGGER_VERSION', '1.1.0' );
    1515define( 'LANA_EMAIL_LOGGER_DIR_URL', plugin_dir_url( __FILE__ ) );
    1616define( 'LANA_EMAIL_LOGGER_DIR_PATH', plugin_dir_path( __FILE__ ) );
     
    450450
    451451        <hr/>
    452         <a href="<?php echo esc_url( 'http://lana.codes/' ); ?>" target="_blank">
     452        <a href="<?php echo esc_url( 'https://lana.codes/' ); ?>" target="_blank">
    453453            <img src="<?php echo esc_url( LANA_EMAIL_LOGGER_DIR_URL . '/assets/img/plugin-header.png' ); ?>"
    454454                 alt="<?php esc_attr_e( 'Lana Codes', 'lana-email-logger' ); ?>"/>
     
    607607    global $wpdb;
    608608
    609     $email_to = $mail['to'];
    610     $subject  = $mail['subject'];
     609    $email_to = sanitize_email( $mail['to'] );
     610    $subject  = sanitize_text_field( $mail['subject'] );
    611611    $message  = wp_strip_all_tags( $mail['message'] );
    612612    $headers  = $mail['headers'];

  • lana-email-logger/trunk/readme.txt

    r2740125 r2923581  
    11=== Lana Email Logger ===
    22Contributors: lanacodes
     3Donate link: https://www.paypal.com/donate/?hosted_button_id=F34PNECNYHSA4
    34Tags: email, wp mail, send email, log email, logger
    45Requires at least: 4.0
    5 Tested up to: 6.0
    6 Stable tag: 1.0.2
     6Tested up to: 6.2
     7Stable tag: 1.1.0
    78Requires PHP: 5.3
    89License: GPLv2 or later
     
    1617
    1718= Lana Codes =
    18 [Lana Email Logger](http://lana.codes/lana-product/lana-email-logger/)
     19[Lana Email Logger](https://lana.codes/product/lana-email-logger/)
    1920
    2021== Installation ==
     
    3839
    3940= Lana Codes =
    40 [Support](http://lana.codes/contact/)
     41[Support](https://lana.codes/contact/)
    4142
    4243= WordPress Forum =
     
    4950
    5051== Changelog ==
     52
     53= 1.1.0 =
     54* security (CVE-2023-3166): fixed stored XSS vulnerability (thanks to Alex Thomas)
     55* bugfix email view message overflow
    5156
    5257= 1.0.2 =
     
    6166== Upgrade Notice ==
    6267
     68= 1.1.0 =
     69This version fixes a security vulnerability. Upgrade recommended.
     70
    6371= 1.0.2 =
    6472This version fixes settings link.
Note: See TracChangeset for help on using the changeset viewer.