diff --git a/changelog.txt b/changelog.txt
index 3d2e0e6..a9a0820 100644
--- a/changelog.txt
+++ b/changelog.txt
@@ -1,10 +1,12 @@
== Changelog ==
-= [3.3.5] - 2024-08-13 =
+= [3.3.5] - 2024-08-14 =
**Added**
-* Add counters (in gold) for Core, Plugins, and Themes.
+* Add counters for Core, Plugins, and Themes.
+* Add a Vulnerabilities filter in the Plugin list (WordPress and WordPress Multisite).
+* Add a Vulnerabilities filter in the Themes list (WordPress Multisite).
**Compatibility**
diff --git a/readme.txt b/readme.txt
index e7ed9fe..fd7a577 100644
--- a/readme.txt
+++ b/readme.txt
@@ -3,9 +3,9 @@ Contributors: javiercasares, davidperez, lbonomo, alexclassroom
Tags: security, vulnerability, site-health
Requires at least: 4.1
Tested up to: 6.7
-Stable tag: 3.3.4
+Stable tag: 3.3.5
Requires PHP: 5.6
-Version: 3.3.4
+Version: 3.3.5
License: GPL-2.0-or-later
License URI: https://spdx.org/licenses/GPL-2.0-or-later.html
@@ -109,21 +109,23 @@ First of all, peace of mind. Investigate what the vulnerability is and, above al
* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
-* WP-CLI: 2.3.0 - 2.10.0
+* WP-CLI: 2.3.0 - 2.11.0
== Changelog ==
-= [3.3.4] - 2024-08-12 =
+= [3.3.5] - 2024-08-14 =
-**Fixed**
+**Added**
-* The "Last updated on" column in the plugin list is available again.
+* Add counters for Core, Plugins, and Themes.
+* Add a Vulnerabilities filter in the Plugin list (WordPress and WordPress Multisite).
+* Add a Vulnerabilities filter in the Themes list (WordPress Multisite).
**Compatibility**
* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
-* WP-CLI: 2.3.0 - 2.10.0
+* WP-CLI: 2.3.0 - 2.11.0
**Tests**
@@ -132,11 +134,11 @@ First of all, peace of mind. Investigate what the vulnerability is and, above al
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review
-= [3.3.3] - 2024-08-05 =
+= [3.3.4] - 2024-08-12 =
**Fixed**
-* The Dashboard panel is availbale, again.
+* The "Last updated on" column in the plugin list is available again.
**Compatibility**
@@ -151,11 +153,11 @@ First of all, peace of mind. Investigate what the vulnerability is and, above al
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review
-= [3.3.1] - 2024-08-02 =
+= [3.3.3] - 2024-08-05 =
**Fixed**
-* Delete the wp_is_rest_endpoint check. Does not need it.
+* The Dashboard panel is availbale, again.
**Compatibility**
@@ -170,17 +172,11 @@ First of all, peace of mind. Investigate what the vulnerability is and, above al
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review
-= [3.3.0] - 2024-08-02 =
-
-**Added**
-
-* Ability to exclude of vulnerability types at a global level.
-* WP-CLI commands formats (--format=[table,json]).
-* REST API endpoints (requires Application Password).
+= [3.3.1] - 2024-08-02 =
-**Changed**
+**Fixed**
-* README file.
+* Delete the wp_is_rest_endpoint check. Does not need it.
**Compatibility**
@@ -195,30 +191,27 @@ First of all, peace of mind. Investigate what the vulnerability is and, above al
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review
-= [3.2.2] - 2024-07-27 =
+= [3.3.0] - 2024-08-02 =
**Added**
-* Ability to configure a different From: email address for sending vulnerability notifications via `wp-config.php`.
+* Ability to exclude of vulnerability types at a global level.
+* WP-CLI commands formats (--format=[table,json]).
+* REST API endpoints (requires Application Password).
**Changed**
-* The URL for the website now uses its own domain name.
-* Dashboard visibility is restricted to users with specific capabilities, similar to Site Health.
-
-**Fixed**
-
-* Various minor fixes to prevent warnings and potential errors due to misconfigured WordPress setups.
-* Allow loading of some necessary libraries.
+* README file.
**Compatibility**
-* WordPress: 4.1 - 6.6
+* WordPress: 4.1 - 6.7
* PHP: 5.6 - 8.3
* WP-CLI: 2.3.0 - 2.10.0
**Tests**
+* PHP Coding Standards: 3.10.2
* WordPress Coding Standards: 3.1.0
* Plugin Check (PCP): 1.0.2
* SonarCloud Code Review
@@ -236,6 +229,7 @@ This plugin adheres to the following security measures and review protocols for
* [WordPress APIs Security](https://developer.wordpress.org/apis/security/)
* [WordPress Coding Standards](https://github.com/WordPress/WordPress-Coding-Standards)
* [Plugin Check (PCP)](https://wordpress.org/plugins/plugin-check/)
+* [SonarCloud Code Review](https://www.sonarsource.com/products/sonarcloud/)
== Privacy ==
@@ -243,7 +237,7 @@ This plugin adheres to the following security measures and review protocols for
== Vulnerabilities ==
-* No vulnerabilities have been published up to version 3.3.3.
+* No vulnerabilities have been published up to version 3.3.5.
Found a security vulnerability? Please report it to us privately at the [WPVulnerability GitHub repository](https://github.com/javiercasares/wpvulnerability/security/advisories/new).
diff --git a/wpvulnerability-plugins.php b/wpvulnerability-plugins.php
index 2e0b9e0..5a6b5c0 100644
--- a/wpvulnerability-plugins.php
+++ b/wpvulnerability-plugins.php
@@ -12,12 +12,12 @@
/**
* Adds a vulnerability notice under vulnerable plugins.
*
- * This function retrieves the vulnerability data for the specified plugin from the WordPress options table
- * and displays a detailed notice below the plugin's row on the plugins management page in the WordPress admin area.
- * The notice includes information about the plugin's vulnerabilities, such as affected versions, severity, CVSS scores,
+ * This function retrieves the vulnerability data for the specified plugin from the WordPress options table
+ * and displays a detailed notice below the plugin's row on the plugins management page in the WordPress admin area.
+ * The notice includes information about the plugin's vulnerabilities, such as affected versions, severity, CVSS scores,
* and links to sources.
*
- * The function is applicable both in single-site and multisite installations. In a multisite setup, the notice
+ * The function is applicable both in single-site and multisite installations. In a multisite setup, the notice
* is displayed only in the network admin area or in the site admin area of individual sites.
*
* @since 2.0.0
@@ -36,7 +36,7 @@ function wpvulnerability_plugin_info_after( $plugin_file, $plugin_data ) {
$plugin_vulnerabilities = json_decode( get_option( 'wpvulnerability-plugins' ), true );
}
- if( ( is_multisite() && is_network_admin() ) || ! is_multisite() ) {
+ if ( ( is_multisite() && is_network_admin() ) || ! is_multisite() ) {
// Determine whether the plugin is active and add an appropriate CSS class to the table row.
$tr_class = '';
@@ -132,9 +132,6 @@ function wpvulnerability_plugin_info_after( $plugin_file, $plugin_data ) {
echo $information; // phpcs:ignore
}
-
- return;
-
}
/**
@@ -681,9 +678,8 @@ function wpvulnerability_plugins_add_tab() {
if ( ! is_multisite() ) {
add_filter( 'views_plugins', 'wpvulnerability_plugins_view' );
- } elseif( is_multisite() && is_network_admin() ) {
+ } elseif ( is_multisite() && is_network_admin() ) {
add_filter( 'views_plugins-network', 'wpvulnerability_plugins_view' );
}
-
}
add_action( 'admin_head', 'wpvulnerability_plugins_add_tab' );
diff --git a/wpvulnerability-run.php b/wpvulnerability-run.php
index 512b889..5dca28b 100644
--- a/wpvulnerability-run.php
+++ b/wpvulnerability-run.php
@@ -695,27 +695,26 @@ function wpvulnerability_counter_themes() {
if ( $wpvulnerability_themes_total > 0 ) {
- if ( ! is_multisite() ) {
- global $submenu;
- if ( isset( $submenu['themes.php'] ) ) {
- foreach ( $submenu['themes.php'] as $key => $value ) {
- if ( 'themes.php' === $submenu['themes.php'][ $key ][2] ) {
- $submenu['themes.php'][ $key ][0] .= ' ' . $wpvulnerability_themes_total . ''; // phpcs:ignore
- break;
+ if ( ! is_multisite() ) {
+ global $submenu;
+ if ( isset( $submenu['themes.php'] ) ) {
+ foreach ( $submenu['themes.php'] as $key => $value ) {
+ if ( 'themes.php' === $submenu['themes.php'][ $key ][2] ) {
+ $submenu['themes.php'][ $key ][0] .= ' ' . $wpvulnerability_themes_total . ''; // phpcs:ignore
+ break;
+ }
}
}
- }
- } elseif ( is_multisite() && is_network_admin() ) {
- global $menu;
- foreach ( $menu as $key => $value ) {
- if ( 'themes.php' === $menu[ $key ][2] ) {
- $menu[ $key ][0] .= ' ' . $wpvulnerability_themes_total . ''; // phpcs:ignore
- break;
+ } elseif ( is_multisite() && is_network_admin() ) {
+ global $menu;
+ foreach ( $menu as $key => $value ) {
+ if ( 'themes.php' === $menu[ $key ][2] ) {
+ $menu[ $key ][0] .= ' ' . $wpvulnerability_themes_total . ''; // phpcs:ignore
+ break;
+ }
}
}
}
-
- }
}
if ( is_multisite() && is_network_admin() ) {
add_action( 'network_admin_menu', 'wpvulnerability_counter_themes' );
diff --git a/wpvulnerability-themes.php b/wpvulnerability-themes.php
index 513327d..f48246c 100644
--- a/wpvulnerability-themes.php
+++ b/wpvulnerability-themes.php
@@ -290,7 +290,7 @@ function wpvulnerability_theme_page() {
/**
* Filters the themes list to show only vulnerable themes when the "Vulnerable" tab is selected.
*
- * This function hooks into the WordPress themes listing in the network admin to filter the displayed themes
+ * This function hooks into the WordPress themes listing in the network admin to filter the displayed themes
* based on their vulnerability status. When the "Vulnerable" tab is selected (identified by the `theme_status=vulnerable`
* query parameter), it filters the themes list to include only those themes with known vulnerabilities.
*
@@ -323,9 +323,19 @@ function wpvulnerability_themes_filter() {
}
}
-
}
}
+/**
+ * Initializes the vulnerability filtering for the themes list in the network admin area of a multisite installation.
+ *
+ * This function checks if the current environment is a multisite network and whether the user is in the network
+ * admin area. If both conditions are met, it hooks into the 'admin_head-themes.php' action to apply a filter that
+ * shows only vulnerable themes in the themes list.
+ *
+ * @since 3.3.5
+ *
+ * @return void
+ */
function wpvulnerability_themes_filter_init() {
if ( is_multisite() && is_network_admin() ) {
add_action( 'admin_head-themes.php', 'wpvulnerability_themes_filter' );
@@ -378,7 +388,7 @@ function wpvulnerability_themes_view( $views ) {
* Adds a custom filter to the themes page in the WordPress admin to display a tab for vulnerable themes.
*
* This function hooks into the 'views_themes-network' filter to add a custom tab or view for displaying vulnerable themes
- * on the themes management page in the WordPress network admin area. The tab is added only in a multisite setup
+ * on the themes management page in the WordPress network admin area. The tab is added only in a multisite setup
* and specifically in the network admin context.
*
* @since 3.3.5
@@ -387,9 +397,8 @@ function wpvulnerability_themes_view( $views ) {
*/
function wpvulnerability_themes_add_tab() {
- if( is_multisite() && is_network_admin() ) {
+ if ( is_multisite() && is_network_admin() ) {
add_filter( 'views_themes-network', 'wpvulnerability_themes_view' );
}
-
}
add_action( 'admin_head', 'wpvulnerability_themes_add_tab' );
diff --git a/wpvulnerability.php b/wpvulnerability.php
index b09ad65..0e670ca 100644
--- a/wpvulnerability.php
+++ b/wpvulnerability.php
@@ -5,7 +5,7 @@
* Description: Receive information about possible vulnerabilities in your WordPress from WordPress Vulnerability Database API.
* Requires at least: 4.1
* Requires PHP: 5.6
- * Version: 3.3.4
+ * Version: 3.3.5
* Author: Javier Casares
* Author URI: https://www.javiercasares.com/
* License: GPL-2.0-or-later
@@ -23,7 +23,7 @@
/**
* Set some constants that I can change in future verions
*/
-define( 'WPVULNERABILITY_PLUGIN_VERSION', '3.3.4' );
+define( 'WPVULNERABILITY_PLUGIN_VERSION', '3.3.5' );
define( 'WPVULNERABILITY_API_HOST', 'https://www.wpvulnerability.net/' );
define( 'WPVULNERABILITY_CACHE_HOURS', 12 );