
CVE-2023-5051: Changeset 2982876 for callrail-phone-call-tracking – WordPress Plugin Repository

The CallRail Phone Call Tracking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘callrail_form’ shortcode in versions up to, and including, 0.5.2 due to insufficient input sanitization and output escaping on the ‘form_id’ user supplied attribute. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
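To make the defect described above concrete, here is an added PHP example (not the plugin's code; the function names and the output markup are hypothetical) that contrasts a shortcode handler which concatenates the attribute into HTML unchanged with one that declares defaults via shortcode_atts(), validates the value against an allow-list, and escapes at the point of output with esc_attr(). The fallback definitions at the top exist only so the file runs under plain php-cli; inside WordPress the real functions are already defined and used instead.

```php
<?php
// Added example, not plugin code. Stand-ins so this runs under plain php-cli;
// inside WordPress the real esc_attr()/shortcode_atts() are already defined.
if ( ! function_exists( 'esc_attr' ) ) {
    function esc_attr( $text ) {
        return htmlspecialchars( (string) $text, ENT_QUOTES, 'UTF-8' );
    }
}
if ( ! function_exists( 'shortcode_atts' ) ) {
    function shortcode_atts( $pairs, $atts ) {
        $atts = (array) $atts;
        $out  = array();
        foreach ( $pairs as $name => $default ) {
            $out[ $name ] = array_key_exists( $name, $atts ) ? $atts[ $name ] : $default;
        }
        return $out;
    }
}

// Vulnerable pattern (hypothetical output markup): the attribute value is
// written into an HTML attribute unchanged, so a value containing a double
// quote closes the attribute and the rest of the string becomes markup.
function demo_form_shortcode_vulnerable( $attributes ) {
    $form_id = $attributes['form_id'];
    if ( ! $form_id ) {
        return '';
    }
    return '<div class="demo-form" data-form-id="' . $form_id . '"></div>';
}

// Hardened pattern: declare defaults, validate the identifier, escape at output.
function demo_form_shortcode_hardened( $attributes ) {
    $atts    = shortcode_atts( array( 'form_id' => '' ), $attributes );
    $form_id = trim( (string) $atts['form_id'] );
    // Allow-list validation: a form id is an identifier, so reject anything
    // outside letters, digits, '-' and '_' rather than trying to neutralise it.
    if ( '' === $form_id || ! preg_match( '/^[A-Za-z0-9_-]{1,64}$/', $form_id ) ) {
        return '';
    }
    // esc_attr() is the escaper for an HTML attribute context; a JavaScript or
    // URL context would need esc_js() or esc_url() respectively.
    return '<div class="demo-form" data-form-id="' . esc_attr( $form_id ) . '"></div>';
}

// Constructed sample input: a value that closes the attribute early.
$sample = array( 'form_id' => '1"><em>injected</em>' );
echo demo_form_shortcode_vulnerable( $sample ), PHP_EOL;            // attribute breakout
echo demo_form_shortcode_hardened( $sample ), PHP_EOL;              // empty: rejected
echo demo_form_shortcode_hardened( array( 'form_id' => 'abc-123' ) ), PHP_EOL;
```

The hardened handler rejects rather than rewrites unexpected input, and it keeps the escaping call at the line that produces HTML, so a reviewer can see the output context and confirm the escaper matches it.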


Timestamp:

10/24/2023 07:14:47 AM (3 days ago)

jamescallrail

Message:

Publish version 0.5.3

Location:

callrail-phone-call-tracking/trunk

Files:

  • callrail.php (2 diffs)
  • readme.txt (2 diffs)


  • callrail-phone-call-tracking/trunk/callrail.php

    r2846932

    r2982876

5

5

Description: Dynamically swap CallRail tracking phone numbers based on the visitor's referring source.

6

6

Author: CallRail, Inc.

7

 

Version: 0.5.2

 

7

Version: 0.5.3

8

8

Author URI: http://www.callrail.com

9

9

\*/
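Review bot: the plugin header Version bump from 0.5.2 to 0.5.3 is the only change in this region; confirm the readme.txt Stable tag is bumped to the same value in the same changeset, since the WordPress.org directory serves whichever version Stable tag points at and a mismatch would leave the unfixed release as the published one.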

…

…

 

162

162

    echo '<script type="text/javascript">window.crwpVer = 1;</script>';

163

163

    $escaped\_api\_key = esc\_js($api\_key);

164

 

    wp\_enqueue\_script( 'swapjs', "//cdn.callrail.com/companies/$escaped\_api\_key/wp-0-5-2/swap.js" );

 

164

    wp\_enqueue\_script( 'swapjs', "//cdn.callrail.com/companies/$escaped\_api\_key/wp-0-5-3/swap.js" );

165

165

}

166

166

167

167

function callrail\_form\_shortcode\_handler( $attributes ) {

168

 

    $form\_id = $attributes\['form\_id'\];

 

168

    $form\_id = esc\_attr($attributes\['form\_id'\]);

169

169

170

170

    if ( ! $form\_id ) {
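Review bot: esc_attr() on the changed line (`$form_id = esc_attr($attributes['form_id']);`) is applied when the attribute is read rather than where $form_id is output, so whether it is sufficient depends on a sink this hunk does not show: it is the right escaper only if $form_id lands in an HTML attribute, while a JavaScript or URL context would need esc_js() or esc_url(), and escaping at the output site would make that choice auditable in review. Both the old and new line also index $attributes['form_id'] directly, which raises a PHP undefined-index notice when the shortcode omits the attribute; `$atts = shortcode_atts( array( 'form_id' => '' ), $attributes );` supplies a default and lets the existing `if ( ! $form_id )` check handle the empty case. Separately, the unchanged lines above escape the API key with esc_js() but then use it as a URL path segment in wp_enqueue_script(); rawurlencode(), or restricting the key to its expected character set, is the treatment that matches that context.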
  • callrail-phone-call-tracking/trunk/readme.txt

    r2846932

    r2982876

4

4

Requires at least: 3.0

5

5

Tested up to: 6.1.1

6

 

Stable tag: 0.5.2

 

6

Stable tag: 0.5.3

7

7

8

8

Dynamically swap CallRail tracking phone numbers based on the visitor's referring source.
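Review bot: Stable tag moves to 0.5.3 while "Tested up to: 6.1.1" is left unchanged; if the fix was verified against a newer WordPress core, bump that field in the same release, because the directory flags plugins that are untested against recent core versions and site owners use it when deciding whether to update.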

…

…

 

27

27

28

28

\== Changelog ==

 

29

 

30

\= 0.5.3 =

 

31

\* Security fix: Escape short code attributes

29

32

30

33

\= 0.5.2 =
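Review bot: the changelog entry "Security fix: Escape short code attributes" is vaguer than the change it describes; naming the shortcode and attribute (callrail_form, form_id) and the advisory identifier CVE-2023-5051 lets site owners match this entry to the vulnerability report when judging how urgently to update.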
