Skip to content

Commit 9c0ae0b

Browse files
bgermannbgermann
committed
version 15.0.6
1 parent f486630 commit 9c0ae0b

2 files changed

Lines changed: 9 additions & 5 deletions

File tree

cforms.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,12 +20,12 @@
2020
* Plugin URI: https://wordpress.org/plugins/cforms2/
2121
* Description: cformsII is a customizable, flexible and powerful form plugin including simple spam protection, multi-step forms, role manager support and custom themes.
2222
* Author: Oliver Seidel, Bastian Germann
23-
* Version: 15.0.5
23+
* Version: 15.0.6
2424
* Text Domain: cforms2
2525
*/
2626
namespace Cforms2;
2727

28-
define('CFORMS2_VERSION', '15.0.5');
28+
define('CFORMS2_VERSION', '15.0.6');
2929

3030
// Debug message handling.
3131
if (!defined('WP_DEBUG_CFORMS2')) {

readme.txt

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ Contributors: bgermann, cbacchini, codifex, nb000, wdfee, passoniate
33
Donate link: https://www.betterplace.org/projects/11633/donations/new
44
Tags: contact form, contact, form, post, sidebar, multi step, api exposed, fork
55
Requires at least: 5.2
6-
Tested up to: 6.3
6+
Tested up to: 6.4
77
Stable tag: trunk
88
License: GPLv3 or later
99
License URI: http://www.gnu.org/licenses/gpl-3.0
@@ -16,7 +16,7 @@ Oliver, the original author, discontinued developing the plugin. This fork is an
1616

1717
If you want to use plugin versions older than 14.6.3, you should rename the directory containing the plugin from "cforms2" to "cforms". But bear in mind that old versions should not be used in public systems, because they contain [known serious vulnerabilities](https://wpvulndb.com/plugins/cforms) that are exploited in the wild.
1818

19-
The [current security baseline version](https://wpvulndb.com/plugins/cforms2) is 15.0.5.
19+
The [current security baseline version](https://wpvulndb.com/plugins/cforms2) is 15.0.6.
2020

2121

2222
== Related Plugins ==
@@ -108,12 +108,16 @@ cformsII can be extended via WordPress actions and filters. You find their 'cfor
108108

109109
== Upgrade Notice ==
110110

111-
= 15.0.5 =
111+
= 15.0.6 =
112112
The tracking database feature and its view are removed with cformsII 15.0+. Your data still exists in the database. Please have a look at CFDB plugin as a replacement.
113113

114114

115115
== Changelog ==
116116

117+
= 15.0.6 =
118+
119+
* bugfix: prevent XSS by output sanitization: CVE-2023-52203 and CVE-2024-22149
120+
117121
= 15.0.5 =
118122

119123
* Fix CSRF by introducing nonces to admin forms (CVE-2023-25449)

0 commit comments

Comments
 (0)