CVE-2023-1471: wp-popup-banners.php in wp-popup-banners/trunk – WordPress Plugin Repository

1<?php23defined(‘ABSPATH’) or die(“No direct script allowed!!!”);4/*5 Plugin Name: WP Popup Banners6 Plugin URI: https://accesspressthemes.com/wordpress-plugins/wp-popup-banners/7 Description: Popup Banners plugin helps to add popups to your site with custom messages and effects8 Version: 1.2.59 Author: AccessPress Themes10 Author URI: http://accesspressthemes.com11 License: GPL212 License URI: https://www.gnu.org/licenses/gpl-2.0.html13 Domain Path: /languages/14 Text Domain: wp-popup-banners15 */1617/**18 * Declaration of necessary constants for plugin19 */20defined(‘WPB_IMAGE_DIR’) or define('WPB_IMAGE_DIR’, plugin_dir_url(__FILE__) . ‘images’);21defined(‘WPB_BACKEND_DIR’) or define('WPB_BACKEND_DIR’, plugin_dir_url(__FILE__) . ‘inc/backend’);22defined(‘WPB_JS_DIR’) or define('WPB_JS_DIR’, plugin_dir_url(__FILE__) . ‘js’);23defined(‘WPB_CSS_DIR’) or define('WPB_CSS_DIR’, plugin_dir_url(__FILE__) . ‘css_files’);24defined(‘WPB_VERSION’) or define('WPB_VERSION’, ‘1.2.5’);25defined(‘WPB_DEFAULT_VARIABLE’) or define('WPB_DEFAULT_VARIABLE’, ‘wpb_default_settings’);26defined(‘WPB_ABSPATH’) or define('WPB_ABSPATH’, plugin_dir_path(__FILE__));2728if (!class_exists(‘WPB_Class’)) {2930 /**31 * Declaration of plugin main class32 */33 class WPB_Class {3435 var $wpb_settings;3637 /**38 * Constructor39 */40 function __construct() {4142 $this->wpb_settings = get_option(‘wpb_default_settings’);43 register_activation_hook(__FILE__, array($this, ‘activation_function’)); //load the function on plugin Activation44 add_action('admin_init’, array($this, ‘plugin_init’)); //session start and load the text domain on plugin initialization45 add_action('admin_menu’, array($this, ‘add_wpb_menu’)); //add the plugin menu on menu bar46 add_action('admin_enqueue_scripts’, array($this, ‘enqueue_admin_script’)); //register admin scripts and css47 add_action('admin_post_wpb_save_options’, array($this, ‘wpb_save_options’)); //save the form data to the database48 add_action('admin_post_wpb_delete’, array($this, ‘delete_wpb’)); //delete popup data from database 49 add_action('wp_ajax_get_popup_data’, array($this, ‘wpb_get_popup_data’)); //get the popup data from database on ajax call50 add_action('wp_ajax_nopriv_get_popup_data’, array($this, ‘no_perminission’)); //restrict the ajax call for other users except admin login5152 /* Frontend Script */53 add_action('wp_enqueue_scripts’, array($this, ‘wpb_register_frontend_assets’)); //register the front end scripts and css54 add_action('wp_footer’, array($this, ‘wpb_appendto_footer’), 100); //append the popup div on the footer of page55 add_filter( 'admin_footer_text’, array( $this, ‘wppb_admin_footer_text’ ) );56 add_filter( 'plugin_row_meta’, array( $this, ‘wppb_plugin_row_meta’ ), 10, 2 );57 }5859 function wppb_admin_footer_text( $text ){60 global $post;61 if ( (isset( $_GET[ ‘page’ ] ) && $_GET[ ‘page’ ] == ‘wpb’ ) ) {62 $link = 'https://wordpress.org/support/plugin/wp-popup-banners/reviews/#new-post’;63 $pro_link = 'https://accesspressthemes.com/wordpress-plugins/wp-popup-banners-pro’;64 $text = ‘Enjoyed WP Popup Banners? <a href="’ . $link . ‘" target="_blank">Please leave us a ★★★★★ rating</a> We really appreciate your support! | Try premium version of <a href="’ . $pro_link . '" target="_blank">WP Popup Banners Pro</a> - more features, more power!’;65 return $text;66 } else {67 return $text;68 }69 }7071 function wppb_plugin_row_meta( $links, $file ){7273 if ( strpos( $file, ‘wp-popup-banners.php’ ) !== false ) {74 $new_links = array(75 ‘demo’ => '<a href="http://demo.accesspressthemes.com/wordpress-plugins/wp-popup-banner" target="_blank"><span class="dashicons dashicons-welcome-view-site"></span>Live Demo</a>’,76 ‘doc’ => '<a href="https://accesspressthemes.com/documentation/wp-popup-banners/" target="_blank"><span class="dashicons dashicons-media-document"></span>Documentation</a>’,77 ‘support’ => '<a href="http://accesspressthemes.com/support" target="_blank"><span class="dashicons dashicons-admin-users"></span>Support</a>’,78 ‘pro’ => '<a href="https://accesspressthemes.com/wordpress-plugins/wp-popup-banners-pro" target="_blank"><span class="dashicons dashicons-cart"></span>Premium version</a>’79 );8081 $links = array_merge( $links, $new_links );82 }8384 return $links;85 }86 /*87 * Plugin Activation 88 */8990 function activation_function() {91 include(‘inc/activation.php’);92 }9394 /**95 * Starts session on admin_init hook96 */97 function plugin_init() {98 if (!session_id() && !headers_sent()) {99 session_start();100 }101 load_plugin_textdomain('wp-popup-banners’, false, dirname(plugin_basename(__FILE__)) . ‘/languages’);102 }103104 /**105 * Returns Default Settings106 */107 function get_default_settings() {108 $default_settings = array(109 ‘check_enable’ => '1’,110 ‘default_popup_id’ => '’111 );112113 return $default_settings;114 }115116 /**117 * Plugin Admin Menu118 */119 function add_wpb_menu() {120 $menu = add_menu_page(121 __('WP Popup Banners’, ‘wp-popup-banners’), __('WP Popup Banners’, ‘wp-popup-banners’), 'manage_options’, 'wpb’, array($this, ‘wpb_settings’), WPB_IMAGE_DIR . '/wpb1.png’122 );123 }124125 /**126 * Plugin Main Settings Page127 */128 function wpb_settings() {129 include(‘inc/backend/main-page.php’);130 }131132 /**133 * Registers Admin Assets134 */135 function enqueue_admin_script($hook) {136 if (isset($_GET[‘page’]) && $_GET[‘page’] == ‘wpb’) {137 wp_enqueue_style(‘wp-color-picker’);138 wp_enqueue_style('wpb-fontawesome’, WPB_CSS_DIR . ‘/font-awesome/font-awesome.min.css’);139 wp_enqueue_style('wpb-admin-css’, WPB_CSS_DIR . '/backend.css’, array(), WPB_VERSION);140 wp_enqueue_style('wpb-popup-css’, WPB_CSS_DIR . '/wpb_popup.css’, array(), WPB_VERSION);141 wp_enqueue_script('wpb-popup-js’, WPB_JS_DIR . '/backend_popup.js’, array('jquery’, ‘wp-color-picker’), WPB_VERSION, false);142 wp_enqueue_script('wpb-popup-colorpicker-alpha’, WPB_JS_DIR . '/wp-color-picker-alpha.js’, array(‘wp-color-picker’), WPB_VERSION );143 /**144 * localize the variable with javascript145 */146 wp_localize_script(147 'wpb-popup-js’, 'wpb_admin_js’, array(148 ‘wpb_ajaxurl’ => admin_url(‘admin-ajax.php’),149 ‘wpb_ajax_nonce’ => wp_create_nonce(‘wpb_ajax_nonce’)150 )151 );152 }153 }154155 /**156 * Save popup parameters to the database157 * 158 */159 function wpb_save_options() {160 if (isset($_POST[‘wpb_add_nonce_save_settings’], $_POST[‘wpb_save_settings’]) && wp_verify_nonce($_POST[‘wpb_add_nonce_save_settings’], ‘wpb_nonce_save_settings’)) {161 /**162 * include to add/update popup if condition matched163 */164 include( ‘inc/backend/save_new_popup.php’ );165 } else {166 die(‘No script kiddies please!!’);167 }168 }169170 /**171 * 172 * Delete banner from database173 */174 function delete_wpb() {175 if (!empty($_GET) && wp_verify_nonce($_GET[‘_wpnonce’], ‘wpb_delete_nonce’)) {176 $log_id = $_GET[‘wpb_id’];177 global $wpdb;178 $table_name = $wpdb->prefix . 'popup_banners’;179 $delete = $wpdb->delete($table_name, array(‘id’ => $log_id), array(‘%d’));180181 if ($delete) {182 $_SESSION[‘wpb_db_success’] = __('Banner deleted Successfully’, ‘wp-popup-banners’);183 } else {184 $_SESSION[‘wpb_db_fail’] = __('Failed to delete Banner.’, ‘wp-popup-banners’);185 }186187 wp_redirect(admin_url(‘admin.php?page=wpb’));188 } else {189 die(‘No script kiddies please!!’);190 }191 }192193 /**194 * Get popup parameters from database195 */196 function wpb_get_popup_data() {197 return (include(‘inc/get_db_data.php’));198 }199200 /**201 * restrict the Ajax call to the unauthorized users202 */203 function no_perminission() {204 die(‘No script kiddies please!!’);205 }206207 /**208 * Registers frontend Assets209 */210 function wpb_register_frontend_assets() {211 /**212 * check the conditions such as if the popup option is enabled or not213 * and check the active popup. And also check where to display the popup such214 * as only on home page or all page or only on specific pages and enque the scripts 215 * and css on that pages. 216 */217 $condition = $this->check_popup_condition();218 if ($condition == 1) {//if the condition is true219 $arr_data = $this->wpb_get_popup_data();220221 wp_enqueue_style('wpb-admin-css’, WPB_CSS_DIR . '/wpb_popup.css’, array(), WPB_VERSION);222 wp_enqueue_script('wpb-nicescroll-js-script’, WPB_JS_DIR . '/jquery.nicescroll.js’, array(‘jquery’), true, WPB_VERSION); //registering nice scroll js 223 wp_enqueue_script('wpb-frontend-js-script’, WPB_JS_DIR . '/frontend_popup.js’, array('jquery’, ‘wpb-nicescroll-js-script’), true, WPB_VERSION); //registering frontend js 224 wp_localize_script(225 'wpb-frontend-js-script’, 'wpb_frontend_js’, array(226 ‘popup_delay_enable’ => $arr_data[‘popup_delay_enable’],227 ‘popup_delay’ => $arr_data[‘popup_delay’],228 ‘popup_close_countdown’ => $arr_data[‘popup_close_countdown’],229 ‘show_popup_cookie’ => $arr_data[‘show_popup’],230 ‘show_countdown_message’ => $arr_data[‘show_countdown_message’],231 ‘popup_type’ => $arr_data[‘popup_type’],232 ‘autoclose_enable’ => $arr_data[‘autoclose_enable’],233 )234 );235 }//end of if condition236 }237238 /**239 * append the hidden popup div on the footer of page240 */241 function wpb_appendto_footer() {242 if (isset($_GET[‘wpb_preview’]) && $_GET[‘wpb_preview’] && is_user_logged_in()) {243 $default_wpb_id = $popup_banner_id = $_GET[‘banner_id’];244 global $wpdb;245 $table_name = $wpdb->prefix . "popup_banners";246 $popup_details = $wpdb->get_results(“SELECT * FROM $table_name where id=$popup_banner_id”);247 if (!empty($popup_details)) {248 $arr_data = $this->wpb_get_popup_data();249 $show_popup = $arr_data[‘show_popup’]; //show popup once, every time250 $display_on = $arr_data[‘display_on’];251 $page_list = $arr_data[‘page_list’];252253 include(‘inc/frontend_main_popup.php’); //include the popup div for front end pages254 }255 } else {256 $condition = $this->check_popup_condition(); //check the popup condition257258 if ($condition == 1) {//if the condition is true259 if (!isset($_COOKIE[‘wp_popup_once’])) {260 $wpb_default_settings = get_option(‘wpb_default_settings’);261 $default_wpb_id = $wpb_default_settings[‘default_popup_id’];262 global $wpdb;263 $table_name = $wpdb->prefix . "popup_banners";264 $popup_details = $wpdb->get_results(“SELECT * FROM $table_name where id=$default_wpb_id”);265 if (!empty($popup_details)) {266 $arr_data = $this->wpb_get_popup_data();267 $show_popup = $arr_data[‘show_popup’]; //show popup once, every time268 $display_on = $arr_data[‘display_on’];269 $page_list = $arr_data[‘page_list’];270271 include(‘inc/frontend_main_popup.php’); //include the popup div for front end pages272 }273 }274 }//end of if condition275 }276 }277278 /**279 * check the conditions to display the popup280 * and if true, reutrn 1 and if false, return 0281 */282 function check_popup_condition() {283 $wpb_default_settings = get_option(‘wpb_default_settings’);284 if (isset($_GET[‘wpb_preview’]) && $_GET[‘wpb_preview’] && is_user_logged_in()) {285 $wpb_default_settings[‘check_enable’] = 1;286 $wpb_default_settings[‘default_popup_id’] = sanitize_text_field($_GET[‘banner_id’]);287 }288 if (($wpb_default_settings[‘check_enable’] == 1 && $wpb_default_settings[‘default_popup_id’] != ‘’)) {289 global $post;290 if (is_404()) {291 $post_id = '’;292 } else {293 $post_id = $post->ID; //check the current page id294 }295 $arr_data = $this->wpb_get_popup_data();296 if (is_home() && $arr_data[‘display_on’] != ‘3’) {//check if the current page is home page297 return 1;298 } else if ($arr_data[‘display_on’] == ‘3’ && !empty($arr_data[‘page_list’]) && $post->post_type == ‘page’) {299 /**300 * check if the popup to display on only specific pages and301 * and if the current page belongs on the pages list302 */303 if (in_array($post_id, $arr_data[‘page_list’])) {304 return 1;305 }306 if (is_home()) {307 return 0;308 }309 } else if ($arr_data[‘display_on’] == ‘2’) {310 /**311 * check if the popup to display on all pages and312 * current page is of ‘page’ type313 */314 return 1;315 } else {316 return 0; //return false if all conditions does not match317 }318 }319 }320321 function print_array($array) {322 echo "<pre style=\"background:#fff;\">";323 print_r($array);324 echo "</pre>";325 }326327 function output_converting_br($text) {328 $text = implode("\n", explode("<br />", $text));329 return $text;330 }331332 function sanitize_escaping_linebreaks($text) {333 $text = implode("<br />", explode("\n", $text));334 return $text;335 }336337 }338339 $wpb_object = new WPB_Class(); //initialization of plugin340 }341342 // end of plugin343344345346