Skip to content

Release v1.8.0
Compare
Choose a tag to compare
@github-actions github-actions released this 26 Jun 21:36
· 24 commits to main since this release
v1.8.0
b63c669
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

WordPress Standards Compliance Enhancement

  • WordPress Baseline: Updated minimum WordPress version requirement from 6.0 to 6.5+ for better compatibility
  • Internationalization: Added complete i18n support with load_plugin_textdomain() and .pot file generation
  • Language Files: Created languages/simple-wp-site-exporter.pot with all translatable strings
  • Version Control: Added changelog.txt file as specified in copilot instructions for complete version documentation
  • Documentation Consistency: Updated README.md, readme.txt, and phpcs.xml to reflect WordPress 6.5+ baseline
  • Workflow Updates: Modified compatibility testing to use WordPress 6.5+ as minimum test version
  • Standards Alignment: Ensured all code, workflows, and documentation strictly follow WordPress coding standards

Critical Security Fix

  • SECURITY: Resolved Server-Side Request Forgery (SSRF) vulnerability in sse_resolve_parent_directory() function
  • Filesystem Security: Removed is_dir() and is_readable() filesystem checks on user-controlled input
  • Attack Prevention: Eliminated potential filesystem structure probing and information disclosure
  • Path Validation: Refactored to use safe string-based path validation while maintaining security
  • Codacy Compliance: Addressed "File name based on user input risks server-side request forgery" detection
  • Defense in Depth: Maintained multiple layers of path validation without filesystem probing

Installation

  1. Download the zip file
  2. Upload to your WordPress site through the Plugins > Add New > Upload menu
  3. Activate the plugin

Full Documentation

Assets 3
Loading