Changeset 3416100

Timestamp:

12/10/2025 08:22:53 AM (8 weeks ago)

Author:

mailerlite

Message:

updated to 1.7.17

Location:

official-mailerlite-sign-up-forms/trunk

Files:

• mailerlite.php (modified) (2 diffs)
• readme.txt (modified) (1 diff)
• src/Controllers/AdminController.php (modified) (1 diff)

official-mailerlite-sign-up-forms/trunk/mailerlite.php

@@ -4 +4 @@
  * Plugin URI: https://mailerlite.com
  * Description: Official MailerLite Signup forms plugin for WordPress. Ability to embed MailerLite webforms and create custom ones just with few clicks.
- * Version: 1.7.16
+ * Version: 1.7.17
  * Author: MailerLite
  * Author URI: https://www.mailerlite.com
@@ -35 +35 @@
 define( 'MAILERLITE_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );
 
-define( 'MAILERLITE_VERSION', '1.7.16' );
+define( 'MAILERLITE_VERSION', '1.7.17' );
 
 define( 'MAILERLITE_PHP_VERSION', '7.2.5' );

official-mailerlite-sign-up-forms/trunk/readme.txt

@@ -130 +130 @@
 
 == Changelog ==
+= 1.7.17 =
+* Security fixes
+
 = 1.7.16 =
 * Security fixes

official-mailerlite-sign-up-forms/trunk/src/Controllers/AdminController.php

@@ -221 +221 @@
 
                         $form_data = [
-                            'title'           => $rolePermission->canEdit('form_title') ? $form_title : $form->data['form_title'],
+                            'title'           => wp_kses_post( $rolePermission->canEdit('form_title') ? $form_title : $form->data['form_title'] ),
                             'description'     => wp_kses_post( $rolePermission->canEdit('form_description') ? wpautop( $form_description, true ) : $form->data['description'] ),
                             'success_message' => wp_kses_post( $rolePermission->canEdit('success_message') ? wpautop( $success_message, true ) : $form->data['success_message'] ),
-                            'button'          => $rolePermission->canEdit('button_name') ? $button_name : $form->data['button'],
-                            'please_wait'     => $rolePermission->canEdit('please_wait') ? $please_wait : $form->data['please_wait'],
-                            'language'        => $rolePermission->canEdit('language') ? $language : $form->data['language'],
+                            'button'          => wp_kses_post( $rolePermission->canEdit('button_name') ? $button_name : $form->data['button'] ),
+                            'please_wait'     => wp_kses_post( $rolePermission->canEdit('please_wait') ? $please_wait : $form->data['please_wait'] ),
+                            'language'        => wp_kses_post( $rolePermission->canEdit('language') ? $language : $form->data['language'] ),
                             'lists'           => $rolePermission->canEdit('groups') ? $form_lists : $form->data['lists'],
                             'fields'          => $rolePermission->canEdit('form_fields') ? $prepared_fields : $form->data['fields'],
                             'selected_groups' => $rolePermission->canEdit('groups') && isset($form_selected_groups) ? $form_selected_groups : $form->data['selected_groups'],
-                            'email_label' => $email_label,
-                            'email_placeholder' => $email_placeholder,
+                            'email_label' => wp_kses_post( $email_label ),
+                            'email_placeholder' => wp_kses_post( $email_placeholder ),
                         ];