Tag Archives: [1.2.5]

NewStatPress 1.2.5

New version is ready to download:

  • Fix Stored cross-site scripting vulnerabilities, find by Han Sahin of www.SumOfPwn.nl @sumofpwn
  • Avoid direct access to pages
  • Changing path detections (not support anymore WordPress 2.x or lower)
  • Fix widget variable list
  • Use javascript+ajax for variables API
  • Remove the usage of wp_load
  • Complete name conversion
  • External API via WP Ajax
  • Fix missing 2 spider images
  • Use NONCE for ajax call in variables API

Download from newstatpress-1.2.5

This is a critical Update that you must install if you did not insert the version on GitHub with the same number (1.2.5).

It contains even a rewrite of the plugin for improve the security thanks to the help of WordPress Team.