
Fix XXS attack from WordPress Post Title #271

mehrshaddarzi committed Jun 4, 2019
1 parent 72f0b64 commit cda6dcaf123f4df1e01fbc819f47a98ca5c8ac0a
@@ -523,7 +523,7 @@ function wp_statistics_get_top_pages( $rangestartdate = null, $rangeenddate = nu
$id = wp_statistics_uri_to_id( $out[0] );
$post = get_post( $id );
if ( is_object( $post ) ) {
$title = $post->post_title;
$title = esc_html( $post->post_title );
} else {
if ( $out[0] == '/' ) {
$title = get_bloginfo();
@@ -1936,7 +1936,7 @@ function wp_statistics_get_post_list( $args = array() ) {
$query = new WP_Query( $args );
$list = array();
foreach ( $query->posts as $ID ) {
$list[ $ID ] = get_the_title( $ID );
$list[ $ID ] = esc_html( get_the_title( $ID ) );
}
return $list;
@@ -1968,7 +1968,7 @@ function wp_statistics_get_page_info( $page_id, $type = 'post' ) {
case "post":
case "page":
$arg = array(
'title' => get_the_title( $page_id ),
'title' => esc_html( get_the_title( $page_id ) ),
'link' => get_the_permalink( $page_id ),
'edit_link' => get_edit_post_link( $page_id ),
'meta' => array(
@@ -1981,7 +1981,7 @@ function wp_statistics_get_page_info( $page_id, $type = 'post' ) {
case "tax":
$term = get_term( $page_id );
$arg = array(
'title' => $term->name,
'title' => esc_html( $term->name ),
'link' => ( is_wp_error( get_term_link( $page_id ) ) === true ? '' : get_term_link( $page_id ) ),
'edit_link' => get_edit_term_link( $page_id ),
'meta' => array(
@@ -2000,7 +2000,7 @@ function wp_statistics_get_page_info( $page_id, $type = 'post' ) {
case "author":
$user_info = get_userdata( $page_id );
$arg = array(
'title' => ( $user_info->display_name != "" ? $user_info->display_name : $user_info->first_name . ' ' . $user_info->last_name ),
'title' => ( $user_info->display_name != "" ? esc_html( $user_info->display_name ) : esc_html( $user_info->first_name . ' ' . $user_info->last_name ) ),
'link' => get_author_posts_url( $page_id ),
'edit_link' => get_edit_user_link( $page_id ),
);
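Review bot: The escaping in the @@ -1936, @@ -1968, @@ -1981 and @@ -2000 hunks is applied inside data helpers (the values returned by `wp_statistics_get_post_list()` and the `'title'` element built by `wp_statistics_get_page_info()`), so callers receive an already HTML-escaped string; WordPress convention is to escape at the output site with the escaper matching the context, and a caller that places this title in an attribute would need `esc_attr()` rather than the `esc_html()` baked in here. If the helpers are kept as the escaping point, say so in their docblocks (`@return string HTML-escaped title`) so callers neither double-escape nor pick the wrong context. In the @@ -523 hunk the `else` branch still assigns `get_bloginfo()` unescaped while the `if` branch now escapes, so `$title = esc_html( get_bloginfo() );` keeps both paths consistent; that branch continues past the hunk. The new lines in the @@ -1981 and @@ -2000 hunks still dereference `$term` and `$user_info` without checking for the null/`WP_Error`/`false` returns of `get_term()` and `get_userdata()`, which predates this commit but is worth a guard while the lines are being touched.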
@@ -105,7 +105,7 @@
<canvas id="hit-stats" height="80"></canvas>
<script>
var ctx = document.getElementById("hit-stats").getContext('2d');
<?php if(is_rtl()) { ?> Chart.defaults.global.defaultFontFamily = "tahoma"; <?php } ?>
<?php if(is_rtl()) { ?> Chart.defaults.global.defaultFontFamily = "tahoma"; <?php } ?>
var ChartJs = new Chart(ctx, {
type: 'line',
data: {
@@ -242,7 +242,7 @@
<th>
<a href="<?php echo get_permalink(
$post_obj
); ?>"><?php echo $post_obj->post_title; ?></a>
); ?>"><?php echo esc_html( $post_obj->post_title ); ?></a>
</th>
<th class="th-center"><span><?php echo number_format_i18n( $post_stat ); ?></span>
</th>
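Review bot: The `href` on the line above the newly escaped title still echoes `get_permalink( $post_obj )` without `esc_url()`, so the anchor is only half-hardened; `<a href="<?php echo esc_url( get_permalink( $post_obj ) ); ?>">` applies the URL/attribute escaper WordPress expects at this output site. The same pattern appears in the @@ -229 and @@ -245 hunks further down, which this note covers as well. The enclosing template loop begins and ends outside the hunk, and the @@ -105 hunk in this section appears to be a whitespace-only change.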
@@ -92,7 +92,7 @@
<canvas id="hit-stats" height="80"></canvas>
<script>
var ctx = document.getElementById("hit-stats").getContext('2d');
<?php if(is_rtl()) { ?> Chart.defaults.global.defaultFontFamily = "tahoma"; <?php } ?>
<?php if(is_rtl()) { ?> Chart.defaults.global.defaultFontFamily = "tahoma"; <?php } ?>
var ChartJs = new Chart(ctx, {
type: 'line',
data: {
@@ -229,7 +229,7 @@
<th>
<a href="<?php echo get_permalink(
$post_obj
); ?>"><?php echo $post_obj->post_title; ?></a>
); ?>"><?php echo esc_html( $post_obj->post_title ); ?></a>
</th>
<th class="th-center"><span><?php echo number_format_i18n( $post_stat ); ?></span>
</th>
@@ -23,7 +23,7 @@
$post = get_post( $pageid );
if ( is_object( $post ) ) {
$title = $post->post_title;
$title = esc_html( $post->post_title );
} else {
$title = "";
}
@@ -53,8 +53,8 @@
$url_fields = '&prepage=' . $pageid;
//Show Select Box Ui
$html = __( 'Select Page', 'wp-statistics' ) . ': ';
$html .= '<select name="page-id">';
$html = __( 'Select Page', 'wp-statistics' ) . ': ';
$html .= '<select name="page-id">';
foreach ( wp_statistics_get_post_list( $arg ) as $post_id => $post_title ) {
$html .= '<option value="' . $post_id . '"' . selected( $post_id, $page, false ) . '>' . $post_title . '</option>';
}
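Review bot: The `<option>` line in the @@ -53 hunk relies on `wp_statistics_get_post_list()` having escaped `$post_title` before it is concatenated into markup, and it writes `$post_id` into the `value` attribute raw; escaping at this output site, `'<option value="' . esc_attr( $post_id ) . '"' . selected( $post_id, $page, false ) . '>' . esc_html( $post_title ) . '</option>'`, keeps the template correct regardless of what the helper returns (as far as I recall `esc_html()` does not double-encode existing entities by default, so the two layers do not conflict). The rest of that hunk looks like a reindent only. The `$title` escaped in the @@ -23 hunk is consumed outside the hunk, so its output site should be checked for the same attribute-versus-text context question.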
@@ -245,7 +245,7 @@
<th>
<a href="<?php echo get_permalink(
$post_obj
); ?>"><?php echo $post_obj->post_title; ?></a>
); ?>"><?php echo esc_html( $post_obj->post_title ); ?></a>
</th>
<th class="th-center"><span><?php echo number_format_i18n( $post_stat ); ?></span>
</th>
@@ -23,13 +23,13 @@ function wp_statistics_generate_pages_postbox_content() {
/**
* Check Get title by url
* @since v12.5.7
*/
*/
if ( $page_link == '' ) {
$page_link = htmlentities( $site_url . $item->uri, ENT_QUOTES );
$id = wp_statistics_uri_to_id( $item->uri );
$post = get_post( $id );
if ( is_object( $post ) ) {
$title = $post->post_title;
$title = esc_html( $post->post_title );
} else {
if ( $item->uri == '/' ) {
$title = get_bloginfo();
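Review bot: The `else` branch in this hunk still assigns `get_bloginfo()` to `$title` unescaped while the `if` branch now escapes `post_title`; `$title = esc_html( get_bloginfo() );` keeps both paths consistent, and the branch continues past the end of the hunk. `$page_link` is built with `htmlentities()` from `$item->uri`, which is data recorded from visitor requests, so if it is later emitted inside an `href` the matching escaper is `esc_url()`, `htmlentities()` only covering text and attribute-value contexts. The first half of the hunk only reindents a docblock.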
