From ef143c279fa6cd367e72ab109d5f00eefaf59a33 Mon Sep 17 00:00:00 2001 From: Bitpoke Bot Date: Mon, 14 Oct 2024 08:43:53 +0000 Subject: [PATCH] Update `Jetpack` plugin from 13.9 to 13.9.1 --- wp-content/plugins/jetpack/jetpack.php | 4 ++-- .../src/contact-form/class-contact-form-endpoint.php | 6 ++++++ wp-content/plugins/jetpack/readme.txt | 6 +++++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/wp-content/plugins/jetpack/jetpack.php b/wp-content/plugins/jetpack/jetpack.php index f72f86f8a..a0b427aa7 100644 --- a/wp-content/plugins/jetpack/jetpack.php +++ b/wp-content/plugins/jetpack/jetpack.php @@ -4,7 +4,7 @@ * Plugin URI: https://jetpack.com * Description: Security, performance, and marketing tools made by WordPress experts. Jetpack keeps your site protected so you can focus on more important things. * Author: Automattic - * Version: 13.9 + * Version: 13.9.1 * Author URI: https://jetpack.com * License: GPL2+ * Text Domain: jetpack @@ -34,7 +34,7 @@ define( 'JETPACK__MINIMUM_WP_VERSION', '6.5' ); define( 'JETPACK__MINIMUM_PHP_VERSION', '7.0' ); -define( 'JETPACK__VERSION', '13.9' ); +define( 'JETPACK__VERSION', '13.9.1' ); /** * Constant used to fetch the connection owner token diff --git a/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-forms/src/contact-form/class-contact-form-endpoint.php b/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-forms/src/contact-form/class-contact-form-endpoint.php index 4338d939f..fc888fc5d 100644 --- a/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-forms/src/contact-form/class-contact-form-endpoint.php +++ b/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-forms/src/contact-form/class-contact-form-endpoint.php @@ -22,6 +22,9 @@ class Contact_Form_Endpoint extends \WP_REST_Posts_Controller { * @return WP_Error|boolean */ public function get_items_permissions_check( $request ) { //phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable + if ( ! current_user_can( 'edit_pages' ) ) { + return false; + } if ( ! is_user_member_of_blog( get_current_user_id(), get_current_blog_id() ) ) { return new WP_Error( 'rest_cannot_view', @@ -40,6 +43,9 @@ public function get_items_permissions_check( $request ) { //phpcs:ignore Variabl * @return WP_Error|boolean */ public function get_item_permissions_check( $request ) { //phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable + if ( ! current_user_can( 'edit_pages' ) ) { + return false; + } if ( ! is_user_member_of_blog( get_current_user_id(), get_current_blog_id() ) ) { return new WP_Error( 'rest_cannot_view', diff --git a/wp-content/plugins/jetpack/readme.txt b/wp-content/plugins/jetpack/readme.txt index d562f9514..de348c579 100644 --- a/wp-content/plugins/jetpack/readme.txt +++ b/wp-content/plugins/jetpack/readme.txt @@ -1,7 +1,7 @@ === Jetpack - WP Security, Backup, Speed, & Growth === Contributors: automattic, adamkheckler, adrianmoldovanwp, aduth, akirk, allendav, alternatekev, andy, annamcphee, annezazu, apeatling, arcangelini, arsihasi, azaozz, barry, batmoo, beaulebens, bindlegirl, biskobe, bjorsch, blobaugh, brbrr, brileyhooper, cainm, cena, cfinke, cgastrell, chaselivingston, chellycat, clickysteve, csonnek, danielbachhuber, daniloercoli, davoraltman, delawski, designsimply, dkmyta, dllh, drawmyface, dsmart, dun2mis, dzver, ebinnion, egregor, eliorivero, enej, eoigal, erania-pinnera, ethitter, fgiannar, gcorne, georgestephanis, gibrown, goldsounds, hew, hugobaeta, hypertextranch, iammattthomas, iandunn, joen, jblz, jeffgolenski, jeherve, jenhooks, jenia, jessefriedman, jgs, jkudish, jmdodd, joanrho, johnjamesjacoby, jshreve, kbrownkd, keoshi, koke, kraftbj, lancewillett, leogermani, lhkowalski, lschuyler, macmanx, martinremy, matt, mattwiebe, matveb, maverick3x6, mcsf, mdawaffe, mdbitz, MichaelArestad, migueluy, miguelxavierpenha, mikeyarce, mkaz, nancythanki, nickmomrik, njweller, nunyvega, obenland, oskosk, pento, professor44, rachelsquirrel, rdcoll, renatoagds, retrofox, richardmtl, richardmuscat, robertbpugh, roccotripaldi, ryancowles, samhotchkiss, samiff, scarstocea, scottsweb, sdixon194, sdquirk, sermitr, simison, stephdau, thehenridev, tmoorewp, tyxla, Viper007Bond, westi, williamvianas, wpkaren, yoavf, zinigor Tags: Security, backup, malware, scan, performance -Stable tag: 13.9 +Stable tag: 13.9.1 Requires at least: 6.5 Requires PHP: 7.0 Tested up to: 6.6 @@ -326,6 +326,10 @@ Jetpack Backup can do a full website migration to a new host, migrate theme file == Changelog == +### 13.9.1 - 2024-10-14 +#### Security: +- Contact Form: ensure that submitted forms can only be accessed by logged in users allowed to view form submissions. + ### 13.9 - 2024-10-01 #### Major Enhancements - Jetpack plugin: Remove the 'WordPress.com Toolbar' module.