Merge pull request #1140 from live-composer/release_1_5_45

fixed live composer issue raised security patch
live-composer · Jul 20, 2024 · 672fc7b · 672fc7b
2 parents c37e2d6 + a54b5c9
commit 672fc7b
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 7 deletions.
diff --git a/ds-live-composer.php b/ds-live-composer.php
@@ -4,7 +4,7 @@
  * Plugin URI: https://www.livecomposerplugin.com
  * Description: Page builder for WordPress with drag and drop header/footer editing.
  * Author: Live Composer Team
- * Version: 1.5.44
+ * Version: 1.5.45
  * Author URI: https://livecomposerplugin.com
  * License: GPL3
  * License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -41,7 +41,7 @@
 	 * Constants
 	 */
 
-	define( 'DS_LIVE_COMPOSER_VER', '1.5.44' );
+	define( 'DS_LIVE_COMPOSER_VER', '1.5.45' );
 
 	define( 'DS_LIVE_COMPOSER_SHORTNAME', __( 'Live Composer', 'live-composer-page-builder' ) );
 	define( 'DS_LIVE_COMPOSER_BASENAME', plugin_basename( __FILE__ ) );

diff --git a/includes/display-functions.php b/includes/display-functions.php
@@ -961,8 +961,11 @@ function dslc_json_decode( $raw_code, $ignore_migration = false ) {
 
 	}
 	else{
-		$raw_code = unserialize( maybe_serialize($raw_code) ,['allowed_classes' => false]);
-
+		if(is_serialized($raw_code))
+		{
+			$raw_code = unserialize($raw_code,['allowed_classes' => false]);
+			// $raw_code = unserialize( maybe_serialize($raw_code));
+		}
 		// Array already provided. Do nothing.
 		if ( is_array( $raw_code ) ) {
 			return $raw_code;
@@ -990,7 +993,12 @@ function dslc_json_decode( $raw_code, $ignore_migration = false ) {
 			} else {
 				// 1. it's old code of the module settings serialized + base64.
 				// Get array out of it.
-				$decoded = unserialize( $decoded_base64,['allowed_classes' => false] );
+				// $decoded = unserialize( $decoded_base64,['allowed_classes' => false] );
+				if(is_serialized($decoded_base64))
+				{
+					$decoded = unserialize( $decoded_base64,['allowed_classes' => false] );
+				}
+				// $decoded = unserialize( $decoded_base64);
 
 				// Add a marker indicating that this module
 				// was imported from shortcode format.

diff --git a/readme.txt b/readme.txt
@@ -2,8 +2,8 @@
 Contributors: LiveComposer
 Tags: page builder, landing page builder, frontend page builder, drag and drop page builder, website builder
 Requires at least: 4.7
-Tested up to: 6.5
-Stable tag: 1.5.44
+Tested up to: 6.6
+Stable tag: 1.5.45
 License: GPLv3
 
 Page builder for WordPress with drag and drop header/footer editing, responsive settings, and animations. Compatible with Gutenberg block editor.
@@ -199,6 +199,9 @@ In most of the cases, this is because the homepage is not a real WordPress page,
 * 🦊 [Check out our WooCommerce Page Builder Extension](https://livecomposerplugin.com/downloads/woocommerce-page-builder/?utm_source=wp-admin&utm_medium=changelog&utm_campaign=woo-integration)
 * 👀 [We keep updating and improving our extensions pack](https://livecomposerplugin.com/downloads/extensions/?utm_source=wp-admin&utm_medium=changelog&utm_campaign=add-ons) ACF + CPT + MegaMenu + 9 more add-ons.
 
+= 1.5.45 - July 20 2024 =
+* Security fixes
+
 = 1.5.44 - July 10 2024 =
 * Security fixes