diff --git a/includes/admin/import-export.php b/includes/admin/import-export.php index 21734ca..3ab888b 100644 --- a/includes/admin/import-export.php +++ b/includes/admin/import-export.php @@ -56,7 +56,7 @@ function tptn_exim_page() {

- +
@@ -152,7 +152,7 @@ function tptn_export_tables() { return; } - if ( isset( $_POST['tptn_export_nonce'] ) && ! wp_verify_nonce( sanitize_key( $_POST['tptn_export_nonce'] ), 'tptn_export_nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_key( $_POST['tptn_export_nonce'] ), 'tptn_export_nonce' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated return; } @@ -235,7 +235,7 @@ function tptn_import_tables() { return; } - if ( isset( $_POST['tptn_import_nonce'] ) && ! wp_verify_nonce( sanitize_key( $_POST['tptn_import_nonce'] ), 'tptn_import_nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_key( $_POST['tptn_import_nonce'] ), 'tptn_import_nonce' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated return; } @@ -319,7 +319,7 @@ function tptn_process_settings_export() { return; } - if ( isset( $_POST['tptn_export_settings_nonce'] ) && ! wp_verify_nonce( sanitize_key( $_POST['tptn_export_settings_nonce'] ), 'tptn_export_settings_nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_key( $_POST['tptn_export_settings_nonce'] ), 'tptn_export_settings_nonce' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated return; } @@ -352,7 +352,7 @@ function tptn_process_settings_import() { return; } - if ( isset( $_POST['tptn_import_settings_nonce'] ) && ! wp_verify_nonce( sanitize_key( $_POST['tptn_import_settings_nonce'] ), 'tptn_import_settings_nonce' ) ) { + if ( ! wp_verify_nonce( sanitize_key( $_POST['tptn_import_settings_nonce'] ), 'tptn_import_settings_nonce' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated return; } diff --git a/readme.txt b/readme.txt index 2e96816..61fd8e0 100644 --- a/readme.txt +++ b/readme.txt @@ -2,9 +2,9 @@ Tags: popular posts, top 10, counter, top posts, daily popular, page views, statistics, tracker Contributors: webberzone, Ajay Donate link: https://ajaydsouza.com/donate/ -Stable tag: 2.9.4 +Stable tag: 2.9.5 Requires at least: 4.9 -Tested up to: 5.4 +Tested up to: 5.5 Requires PHP: 5.6 License: GPLv2 or later @@ -161,6 +161,13 @@ add_filter( 'manage_edit-projects_sortable_columns', 'tptn_column_register_sorta == Changelog == += 2.9.5 = + +Release post: [https://webberzone.com/blog/top-10-v2-9-0/](https://webberzone.com/blog/top-10-v2-9-0/) + +* Bug fixes: + * Security fix: Nonces were not always checked in import module + = 2.9.4 = Release post: [https://webberzone.com/blog/top-10-v2-9-0/](https://webberzone.com/blog/top-10-v2-9-0/) @@ -230,6 +237,6 @@ For previous changelog entries, please refer to the separate changelog.txt file == Upgrade Notice == -= 2.9.4 = -Bug fixes and new features; Check the Changelog for more details or the release posts on https://webberzone.com += 2.9.5 = +Security fix; Check the Changelog for more details or the release posts on https://webberzone.com diff --git a/top-10.php b/top-10.php index 52c27a3..42728c6 100644 --- a/top-10.php +++ b/top-10.php @@ -14,7 +14,7 @@ * Plugin Name: Top 10 * Plugin URI: https://webberzone.com/plugins/top-10/ * Description: Count daily and total visits per post and display the most popular posts based on the number of views - * Version: 2.9.4 + * Version: 2.9.5 * Author: Ajay D'Souza * Author URI: https://webberzone.com * License: GPL-2.0+