ClassiPress Version 3.1.5
On October 7th, 2011, ClassiPress 3.1.5 (our WordPress classifieds theme) was released. This is an important security and bug release to primarily fix a potential XSS vulnerability reported by one of our customers, Paul Loftness. Upgrading is highly recommended to close this potential hole. Fixed 12 tickets total. A breakdown of tickets can be found below.
To download v3.1.5, visit AppThemes and login to your customer account. Existing customers can download the patch or the full version.
- facebook connect loop issue
- category selector missing go button issue
- links on the profile page displayed html instead of link
- header logo now properly links to the home page
- potential XSS vulnerabilities in the Facebook and Twitter widgets
- bug when saving ad pack on front-end form display
- logging out redirect to root on wordpress sub-directory installs
- issue when adding new coupons after upgrading from 3.1.3
- issue with popular blog posts sidebar widget not showing correct number
- enhanced the ajax category selector to handle unlimited categories
- can now delete website logo from options page
- includes new AppThemes framework
Modified style.css Modified author.php Modified README-FIRST.txt Deleted includes/timthumb.php Modified includes/gateways/process.php Modified includes/theme-header.php Modified includes/sidebar-popular.php Modified includes/forms/step1.php Modified includes/forms/step3-membership.php Modified includes/theme-profile.php Modified includes/admin/admin-updates.php Modified includes/admin/admin-addons.php Modified includes/admin/admin-options.php Modified includes/admin/admin-scripts.js Modified includes/admin/admin-values.php Modified includes/admin/install-script.php Modified includes/theme-widgets.php Modified includes/theme-functions.php Modified includes/theme-comments.php Modified single-ad_listing.php Modified header.php Modified classipress.pot Modified classipress-no-admin.pot Modified functions.php Modified changelog.txt Deleted classipress.po Deleted classipress-no-admin.po Added framework/