bug fix, release, security, wassup - 07:34 - 10 October 2016

WassUp 1.9.1

Critical security bug fixes and much more.

Download WassUp Version 1.9.1

Changelog:

patched security loopholes (xss vulnerability) in the ‘Top stats’ widget and in wassupURI::add_siteurl method
revised plugin code to improve prevention of XSS attacks via it’s interface and widgets
revised plugin code to comply with the latest requirements for inclusion in WordPress.org plugin repository
revised ‘readme.txt’ to comply with WordPress.org plugin repository guidelines.
new module, ‘wassupadmin.php’ for WassUp admin panels and dashboard widget
new module, ‘compatibility.php’ to check for WordPress and PHP compatibility and to load compatibility modules from /lib/compat-lib/ subfolder when available
removed backward compatibility folder, modules, and javascripts from WordPress’s copy of Wassup package to comply with WordPress plugin repository requirements.
Wassup’s backward-compatibility feature remains in the full copy of Wassup available at http://github.com/michelem09/wassup/
removed obsolete files ‘badhosts.txt’, ‘badhosts-intl.txt’
updated Google!Maps API link to use a common API key for Wassup-Spy (required by Google since 2016-06-22).
updated WassUp ‘wp-cron’ scheduled tasks to terminate (and restart) at reset-to-default, recording stop/start, and at plugin deactivate/reactivate events.
updated Wassup table export to omit all known spam/malware records from export by default…to avoid propagation of malware code when exported records are imported into other applications.
updated wassup_Akismet class to abort remote requests with timeout error after 5 seconds to avoid plugin slowdown due to slow server response.
updated ‘UADetector’ and ‘wDetector’ classes to improve browser and os detection (Microsoft Edge, Win10).
updated translation template, ‘wassup.pot’.
fixed problem with login page hits not being recorded.
fixed errors caused by disabled ‘set_time_limit’ function in some configurations.
fixed a ‘preg_match’ error that affected 404 and spam detection.
fixed a “script timeout” calculation/test error in Visitor-details.
fixed incorrect Wassup menu “href” values in network admin panels.
fixed a MySQL timezone/offset calculation error in some queries.
fixed a scheduled task validation error that caused some wp-cron tasks to fail.
miscellaneous minor bugfixes.
miscellaneous minor text changes
minor css changes for small screen devices.

News & Updates