diff --git a/build/shortpixel/log/src/ShortPixelLogger.php b/build/shortpixel/log/src/ShortPixelLogger.php index c849820..00676ad 100644 --- a/build/shortpixel/log/src/ShortPixelLogger.php +++ b/build/shortpixel/log/src/ShortPixelLogger.php @@ -82,7 +82,6 @@ public function __construct() { if (defined('SHORTPIXEL_LOG_OVERWRITE')) // if overwrite, do this on init once. file_put_contents($this->logPath,'-- Log Reset -- ' .PHP_EOL); - } if ($this->is_active) diff --git a/classes/emr-plugin.php b/classes/emr-plugin.php index 50cbd2c..9e4e256 100644 --- a/classes/emr-plugin.php +++ b/classes/emr-plugin.php @@ -56,6 +56,7 @@ public function adminInit() { $this->features['replace'] = true; // does nothing just for completeness $this->features['background'] = apply_filters('emr/feature/background', true); + $this->features['remote_notice'] = apply_filters('emr/feature/remote_notice', true); load_plugin_textdomain('enable-media-replace', false, basename(dirname(EMR_ROOT_FILE)) . '/languages'); @@ -86,6 +87,9 @@ public function useFeature($name) case 'background': $bool = $this->features['background']; break; + case 'remote_notice': + $bool = $this->features['remote_notice']; + break; default: $bool = false; break; @@ -190,9 +194,8 @@ public function setScreen() $screen = get_current_screen(); $notice_pages = array('attachment', 'media_page_enable-media-replace/enable-media-replace', 'upload' ); - if ( in_array($screen->id, $notice_pages) && true === emr()->useFeature('background')) + if ( in_array($screen->id, $notice_pages) && true === emr()->useFeature('remote_notice')) { - RemoteNoticeController::getInstance(); // check for remote stuff $notices = Notices::getInstance(); $notices->loadIcons(array( diff --git a/classes/uihelper.php b/classes/uihelper.php index 214d156..e0134cc 100644 --- a/classes/uihelper.php +++ b/classes/uihelper.php @@ -54,9 +54,8 @@ public function getFormUrl($attach_id, $action = null) if (is_numeric($spdebug)) $spdebug = intval($spdebug); else { - $spdebug = sanitize_text_field($spdebug); + $spdebug = 3; } - $url = add_query_arg('SHORTPIXEL_DEBUG', $spdebug, $url); } @@ -75,9 +74,8 @@ public function getSuccesRedirect($attach_id) if (is_numeric($spdebug)) $spdebug = intval($spdebug); else { - $spdebug = sanitize_text_field($spdebug); + $spdebug = 3; } - $url = add_query_arg('SHORTPIXEL_DEBUG', $spdebug, $url); } diff --git a/enable-media-replace.php b/enable-media-replace.php index 35074e1..5ad00d8 100644 --- a/enable-media-replace.php +++ b/enable-media-replace.php @@ -3,7 +3,7 @@ * Plugin Name: Enable Media Replace * Plugin URI: https://wordpress.org/plugins/enable-media-replace/ * Description: Enable replacing media files by uploading a new file in the "Edit Media" section of the WordPress Media Library. - * Version: 4.1.4 + * Version: 4.1.5 * Author: ShortPixel * Author URI: https://shortpixel.com * GitHub Plugin URI: https://github.com/short-pixel-optimizer/enable-media-replace @@ -25,7 +25,7 @@ * */ -define( 'EMR_VERSION', '4.1.4' ); +define( 'EMR_VERSION', '4.1.5' ); if ( ! defined( 'ABSPATH' ) ) { exit; // Exit if accessed directly. diff --git a/readme.txt b/readme.txt index a5b3480..6f1c0b7 100644 --- a/readme.txt +++ b/readme.txt @@ -5,7 +5,7 @@ Tags: replace, attachment, media, files, replace image, remove background, repla Requires at least: 4.9.7 Tested up to: 6.3 Requires PHP: 5.6 -Stable tag: 4.1.4 +Stable tag: 4.1.5 Easily replace any attached image/file by simply uploading a new file in the Media Library edit view - a real time saver! @@ -38,6 +38,10 @@ If you don't want to use the background removal feature, add this line to your t ```add_filter( 'emr/feature/background', '__return_false' );``` +A similar filter, for the remote notification system is: + +```add_filter( 'emr/feature/remote_notice', '__return_false' );``` + To shorten the wait time before redirecting to the media editing screen, use the following filter and specify the wait time in seconds (0 means that redirection is immediate, but may cause problems in certain configurations): ```add_filter('emr/success/timeout', function () { return 3; });``` @@ -69,6 +73,12 @@ If you want more control over the format in which the time is shown, you can use == Changelog == += 4.1.5 = + +Release date: December 14, 2023 +* Tweak: Added a filter to disable the remote notification system added in version 4.1.0; +* Fix: A potential "Reflected Cross-Site Scripting" vulnerability has been patched, responsibly disclosed by the Wordfence team. + = 4.1.4 = Release date: September 22, 2023 diff --git a/views/screen.php b/views/screen.php index f84ffb1..62723be 100644 --- a/views/screen.php +++ b/views/screen.php @@ -45,14 +45,13 @@ getFormUrl($attachment_id); - //$formurl = wp_nonce_url( $url, "media_replace_upload" ); if (FORCE_SSL_ADMIN) { $formurl = str_replace("http:", "https:", $formurl); } ?> -