This repository has been archived by the owner on Oct 30, 2024. It is now read-only.

Redo XSS fix as reported by wpscan
Bump WP tested version
zedzedzed committed Aug 5, 2024
1 parent c27275f commit c10e6a7
Showing 4 changed files with 10 additions and 6 deletions.
4 changes: 2 additions & 2 deletions includes/class-toc-plus.php
Expand Up @@ -473,8 +473,8 @@ public function wp_enqueue_scripts() {
wp_enqueue_script( 'toc-front' );
if ( $this->options['show_heading_text'] && $this->options['visibility'] ) {
$width = ( 'User defined' !== $this->options['width'] ) ? $this->options['width'] : $this->options['width_custom'] . $this->options['width_custom_units'];
$js_vars['visibility_show'] = esc_js( wp_kses_post( $this->options['visibility_show'] ) );
$js_vars['visibility_hide'] = esc_js( wp_kses_post( $this->options['visibility_hide'] ) );
$js_vars['visibility_show'] = esc_js( wp_kses_post( html_entity_decode( $this->options['visibility_show'] ) ) );
$js_vars['visibility_hide'] = esc_js( wp_kses_post( html_entity_decode( $this->options['visibility_hide'] ) ) );
if ( $this->options['visibility_hide_by_default'] ) {
$js_vars['visibility_hide_by_default'] = true;
}
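Review bot: The two new `html_entity_decode()` calls on `visibility_show` and `visibility_hide` rely on the function's default flags, and those defaults changed in PHP 8.1 (from `ENT_COMPAT` to `ENT_QUOTES | ENT_SUBSTITUTE`), so whether `&#039;` is decoded before `wp_kses_post()` sees the value depends on the host's PHP version. Pass the flags and charset explicitly, e.g. `html_entity_decode( $value, ENT_QUOTES, 'UTF-8' )`, so the filter behaves the same everywhere. The decode is also a single pass: a doubly encoded value such as `&amp;lt;` leaves this chain as `&lt;`, still an entity, so the fix holds only if nothing downstream of `$js_vars` decodes entities again. That consumer is not visible in this hunk and is worth checking, and a short comment saying why the decode has to precede `wp_kses_post()` would stop a later cleanup from dropping it. Both lines apply the identical chain, so a small private helper would keep them from drifting, and none of the four changed files adds a test with entity-encoded input to pin the behaviour.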
2 changes: 1 addition & 1 deletion includes/globals.php
@@ -1,6 +1,6 @@
<?php

define( 'TOC_VERSION', '2406' );
define( 'TOC_VERSION', '2408' );
define( 'TOC_POSITION_BEFORE_FIRST_HEADING', 1 );
define( 'TOC_POSITION_TOP', 2 );
define( 'TOC_POSITION_BOTTOM', 3 );
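Review bot: `TOC_VERSION` is bumped by hand here, and the same `2408` is repeated in the `Stable tag` line of readme.txt and the `Version` header of toc.php in this commit, so the three values can drift on a future release. Consider keeping a single source of truth, or add a release check that fails when the three differ.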
8 changes: 6 additions & 2 deletions readme.txt
Expand Up @@ -2,8 +2,8 @@
Contributors: conjur3r
Tags: table of contents, indexes, toc, sitemap, cms, options, list, page listing, category listing
Requires at least: 3.2
Tested up to: 6.5.4
Stable tag: 2406
Tested up to: 6.6.1
Stable tag: 2408
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html

Expand Down Expand Up @@ -104,6 +104,10 @@ I will never ask for any form of reward or compensation. Helping others achieve


== Changelog ==
= 2408 =
* Released: xx August 2024
* Redo XSS issue reported by wpscan

= 2406 =
* Released: 16 June 2024
* Revert 'Do not output CSS/JS on pages not eligible' introduced in 2402 as it broke some clever edge cases
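Review bot: The new 2408 entry carries a placeholder date, `* Released: xx August 2024`, while `Stable tag` in the same file already points at 2408; fill in the real date before tagging. `* Redo XSS issue reported by wpscan` also reads as if the issue is being reintroduced: say that the fix was redone, and name the affected settings (the `visibility_show` and `visibility_hide` text changed in includes/class-toc-plus.php) so site owners can judge how urgently to update.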
2 changes: 1 addition & 1 deletion toc.php
Expand Up @@ -7,7 +7,7 @@
* Author URI: https://zedzedzed.github.io/docs/tocplus.html
* Text Domain: table-of-contents-plus
* Domain Path: /languages
* Version: 2406
* Version: 2408
* License: GPL2
*/
