Changes in slideshow-gallery/trunk [3098970:3100785]
Location: slideshow-gallery/trunk
Files: 3 edited
- readme.txt (modified) (2 diffs)
- slideshow-gallery-plugin.php (modified) (1 diff)
- slideshow-gallery.php (modified) (2 diffs)
slideshow-gallery/trunk/readme.txt
r3098970 r3100785 5 5 Requires at least: 3.1 6 6 Tested up to: 6.5.4 7 Stable tag: 1.8. 17 Stable tag: 1.8.2 8 8 9 9 Feature content in a JavaScript powered slideshow gallery showcase on your WordPress website … … 187 187 == Changelog == 188 188 189 = 1.8.2 = 190 * FIX: Vulnerability SQL injection on shortcode gallery. 191 189 192 = 1.8.1 = 190 193 * FIX: Saving slides and galleries that are multilingual don't save the title and description. -
slideshow-gallery/trunk/slideshow-gallery-plugin.php
r3098970 r3100785 5 5 class GalleryPlugin extends GalleryCheckinit { 6 6 7 var $version = '1.8. 1';7 var $version = '1.8.2'; 8 8 var $plugin_name; 9 9 var $plugin_base; -
slideshow-gallery/trunk/slideshow-gallery.php
r3098970 r3100785 7 7 Author URI: https://tribulant.com 8 8 Description: Feature content in a JavaScript powered slideshow gallery showcase on your WordPress website. The slideshow is flexible and all aspects can easily be configured. Embedding or hardcoding the slideshow gallery is a breeze. See the <a href="https://tribulant.com/docs/wordpress-slideshow-gallery/1758/" target="_blank">online documentation</a> for instructions on using and embedding slideshow galleries. Upgrade to the premium version to remove all limitations. 9 Version: 1.8. 19 Version: 1.8.2 10 10 License: GNU General Public License v2 or later 11 11 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 504 504 505 505 $s = shortcode_atts($defaults, $atts); 506 507 508 // Sanitize each element in the $s array 509 foreach ($s as $key => $value) { 510 if (is_numeric($value)) { 511 $s[$key] = intval($value); // For integers 512 } elseif (is_array($value)) { 513 $s[$key] = array_map('sanitize_text_field', $value); // For arrays 514 } else { 515 $s[$key] = sanitize_text_field($value); // For strings 516 } 517 } 518 519 // Additional validation based on the context 520 if (!in_array($s['orderf'], ['id', 'date', 'name', 'type', 'created'], true)) { 521 $s['orderf'] = 'created'; // Default fallback 522 } 523 524 if (!in_array(strtoupper($s['orderd']), ['ASC', 'DESC'], true)) { 525 $s['orderd'] = 'DESC'; // Default fallback 526 } 527 528 506 529 extract($s); 507 530
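Review bot: In the slideshow-gallery.php hunk (new lines 508-517), the generic loop relies on sanitize_text_field(), which strips tags and normalizes whitespace but does not escape quotes or other SQL metacharacters, so the only SQL-injection protection visible here is the allow-list on orderf and orderd at new lines 520-526. If any other attribute in $s reaches a query, it should be cast by key to its expected type or bound through $wpdb->prepare() at the query site rather than trusted after this loop. Two smaller points in the same hunk: is_numeric() also accepts floats and exponent notation, so intval() will silently truncate a value such as "0.5" to 0, which is safer handled with an explicit per-key list of integer attributes; and the orderd check compares strtoupper($s['orderd']) but stores the original casing, so assigning $s['orderd'] = strtoupper($s['orderd']) before the in_array() test would keep the checked value and the used value identical. A short comment above the allow-lists stating that these two values are interpolated into ORDER BY would help the next maintainer keep the lists in sync with the query.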