From ce3f1368609173f6f7fcdc29ccc3202c6ab66add Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Fri, 8 Mar 2024 16:42:59 +0530
Subject: [PATCH 01/11] esc data

---
 modules/flip-box/includes/frontend.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/flip-box/includes/frontend.php b/modules/flip-box/includes/frontend.php
index a93388ee..1e969898 100644
--- a/modules/flip-box/includes/frontend.php
+++ b/modules/flip-box/includes/frontend.php
@@ -33,7 +33,7 @@
 					<?php
 					if ( '' != $settings->title_back ) {
 						?>
-					<<?php echo $settings->back_title_typography_tag_selection; ?> class="uabb-back-text-title"><?php echo $settings->title_back; ?></<?php echo $settings->back_title_typography_tag_selection; ?>>
+					<<?php echo esc_attr( $settings->back_title_typography_tag_selection ); ?> class="uabb-back-text-title"><?php echo esc_attr( $settings->title_back ); ?></<?php echo esc_attr( $settings->back_title_typography_tag_selection ); ?>>
 						<?php
 					}
 					if ( '' != $settings->desc_back ) {

From fb3ab289228a62b0c6e30b34a5e17cafb39554c8 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 11:58:59 +0530
Subject: [PATCH 02/11] Added changelog

---
 README.md  | 1 +
 readme.txt | 1 +
 2 files changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 3462127a..7a3b9df0 100644
--- a/README.md
+++ b/README.md
@@ -216,6 +216,7 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 ## Changelog ##
 
 ### 1.5.7.1 ###
+* Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
 * Fixed: Info List - Undefined variable issue with PHP 8.
 
 ### 1.5.7 ###
diff --git a/readme.txt b/readme.txt
index a63d7a4a..72a79b4b 100644
--- a/readme.txt
+++ b/readme.txt
@@ -216,6 +216,7 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 == Changelog ==
 
 = 1.5.7.1 = 
+* Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
 * Fixed: Info List - Undefined variable issue with PHP 8.
 
 = 1.5.7 = 

From 0457eb9635d66a7aa7d487d0a83c5c25578f3fa7 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 13:16:01 +0530
Subject: [PATCH 03/11] advance-icon esc_url

---
 modules/advanced-icon/includes/frontend.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/advanced-icon/includes/frontend.php b/modules/advanced-icon/includes/frontend.php
index d26e422a..cba2b0ff 100644
--- a/modules/advanced-icon/includes/frontend.php
+++ b/modules/advanced-icon/includes/frontend.php
@@ -19,7 +19,7 @@
 	if ( ! empty( $icon->connections->link ) && empty( $icon->link ) && ! FLBuilderModel::is_builder_active() ) {
 		echo '';
 	} else {
-		echo '<a class="adv-icon-link adv-icon-' . esc_attr( $icon_count ) . '" href="' . $icon->link . '" target="' . esc_attr( $icon->link_target ) . '" ' . sanitize_text_field( BB_Ultimate_Addon_Helper::get_link_rel( $icon->link_target, $icon->link_nofollow, 0 ) ) . '>'; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+		echo '<a class="adv-icon-link adv-icon-' . esc_attr( $icon_count ) . '" href="' . esc_url( $icon->link ) . '" target="' . esc_attr( $icon->link_target ) . '" ' . sanitize_text_field( BB_Ultimate_Addon_Helper::get_link_rel( $icon->link_target, $icon->link_nofollow, 0 ) ) . '>'; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 		$imageicon_array = array(
 
 			/* General Section */

From cb1e4b9910e762b6282d69035656d742f3c0be7f Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 13:53:01 +0530
Subject: [PATCH 04/11] button-widget santize

---
 modules/uabb-button/includes/frontend.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/uabb-button/includes/frontend.php b/modules/uabb-button/includes/frontend.php
index 52e02b3c..23537466 100644
--- a/modules/uabb-button/includes/frontend.php
+++ b/modules/uabb-button/includes/frontend.php
@@ -22,7 +22,7 @@
 		<?php
 	}
 	?>
-		<a href="<?php echo $settings->link; ?>" target="<?php echo $settings->link_target; ?>" <?php UABB_Helper::get_link_rel( $settings->link_target, $link_nofollow, 1 ); ?>class="uabb-button uabb-creative-button <?php echo 'uabb-creative-' . $settings->style . '-btn'; ?> <?php echo $module->get_button_style(); ?> <?php echo ( isset( $settings->a_class ) ) ? $settings->a_class : ''; ?> " <?php echo ( isset( $settings->a_data ) ) ? $settings->a_data : ''; ?> role="button">
+		<a href="<?php echo esc_url( $settings->link ); ?>" target="<?php echo esc_attr( $settings->link_target ); ?>" <?php UABB_Helper::get_link_rel( esc_attr( $settings->link_target ), $link_nofollow, 1 ); ?>class="uabb-button uabb-creative-button <?php echo 'uabb-creative-' . esc_attr( $settings->style ) . '-btn'; ?> <?php echo esc_attr( $module->get_button_style() ); ?> <?php echo ( isset( $settings->a_class ) ) ? esc_attr( $settings->a_class ) : ''; ?> " <?php echo ( isset( $settings->a_data ) ) ? esc_attr( $settings->a_data ) : ''; ?> role="button">
 			<?php
 			if ( ! empty( $settings->icon ) && ( 'before' == $settings->icon_position || ! isset( $settings->icon_position ) ) ) :
 

From 6cda69d282d0d84295081dc5d36e5e9959bb27f1 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 15:03:22 +0530
Subject: [PATCH 05/11] info-table sanitize

---
 modules/info-table/includes/frontend.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/info-table/includes/frontend.php b/modules/info-table/includes/frontend.php
index 36d2a1bf..e7e62f99 100644
--- a/modules/info-table/includes/frontend.php
+++ b/modules/info-table/includes/frontend.php
@@ -26,7 +26,7 @@
 			<?php echo '</' . $settings->sub_heading_tag_selection . '>'; ?>
 			<?php if ( 'cta' == $settings->it_link_type && 'design02' == $settings->box_design ) { ?>
 			<div class="info-table-button">
-				<a href="<?php echo $settings->it_link; ?>" target="<?php echo $settings->it_link_target; ?>" <?php UABB_Helper::get_link_rel( $settings->it_link_target, $link_nofollow, 1 ); ?>><?php echo $settings->button_text; ?></a>
+				<a href="<?php echo esc_url( $settings->it_link ); ?>" target="<?php echo esc_attr( $settings->it_link_target ); ?>" <?php UABB_Helper::get_link_rel( esc_attr( $settings->it_link_target ), $link_nofollow, 1 ); ?>><?php echo esc_html( $settings->button_text ); ?></a>
 			</div>
 			<?php } ?>	
 		</div>
@@ -73,7 +73,7 @@
 		</div>
 		<?php if ( 'cta' == $settings->it_link_type && 'design02' != $settings->box_design ) { ?>
 		<div class="info-table-button">
-			<a href="<?php echo $settings->it_link; ?>" target="<?php echo $settings->it_link_target; ?>"><?php echo $settings->button_text; ?></a>
+			<a href="<?php echo esc_url( $settings->it_link ); ?>" target="<?php echo esc_attr( $settings->it_link_target ); ?>"><?php echo esc_html( $settings->button_text ); ?></a>
 		</div>
 		<?php } ?>
 	</div>

From 2b3f3ce13f802354889e328bbd704db60c514706 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 16:20:11 +0530
Subject: [PATCH 06/11] heading sanitize

---
 modules/uabb-heading/includes/frontend.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/uabb-heading/includes/frontend.php b/modules/uabb-heading/includes/frontend.php
index b6c13f66..f83d1e2c 100644
--- a/modules/uabb-heading/includes/frontend.php
+++ b/modules/uabb-heading/includes/frontend.php
@@ -35,7 +35,7 @@
 
 	<<?php echo $settings->tag; ?> class="uabb-heading">
 		<?php if ( ! empty( $settings->link ) ) : ?>
-			<a href="<?php echo $settings->link; ?>" title="<?php echo $settings->heading; ?>" target="<?php echo $settings->link_target; ?>" <?php BB_Ultimate_Addon_Helper::get_link_rel( $settings->link_target, $settings->link_nofollow, 1 ); ?>>
+			<a href="<?php echo esc_url( $settings->link ); ?>" title="<?php echo esc_attr( $settings->heading ); ?>" target="<?php echo esc_attr( $settings->link_target ); ?>" <?php BB_Ultimate_Addon_Helper::get_link_rel( esc_attr( $settings->link_target ), $settings->link_nofollow, 1 ); ?>>
 			<?php endif; ?>
 			<span class="uabb-heading-text"><?php echo $settings->heading; ?></span>
 			<?php if ( ! empty( $settings->link ) ) : ?>

From 20244c9f4f2fef98cc72bdeb7daa87531ac01060 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 16:46:11 +0530
Subject: [PATCH 07/11] image-sep santize

---
 modules/image-separator/includes/frontend.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/image-separator/includes/frontend.php b/modules/image-separator/includes/frontend.php
index 3a3477e4..96e96d56 100644
--- a/modules/image-separator/includes/frontend.php
+++ b/modules/image-separator/includes/frontend.php
@@ -11,7 +11,7 @@
 ?>
 <div class="uabb-module-content uabb-imgseparator-wrap">
 	<?php if ( 'yes' == $settings->enable_link ) : ?>
-	<a class="imgseparator-link" href="<?php echo $settings->link; ?>" target="<?php echo $settings->link_target; ?>"></a>
+	<a class="imgseparator-link" href="<?php echo esc_url( $settings->link ); ?>" target="<?php echo esc_attr( $settings->link_target ); ?>"></a>
 	<?php endif; ?>
 	<div class="uabb-image-separator uabb-image
 	<?php

From 7eb9b8936c91d77bbdcc4fb2b629de21e070c1f4 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 16:52:05 +0530
Subject: [PATCH 08/11] Added Changelog

---
 README.md  | 1 +
 readme.txt | 1 +
 2 files changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 7a3b9df0..0569c1e2 100644
--- a/README.md
+++ b/README.md
@@ -217,6 +217,7 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 
 ### 1.5.7.1 ###
 * Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
+* Improvement: Multiple Security Improvements.
 * Fixed: Info List - Undefined variable issue with PHP 8.
 
 ### 1.5.7 ###
diff --git a/readme.txt b/readme.txt
index 72a79b4b..be6fabe1 100644
--- a/readme.txt
+++ b/readme.txt
@@ -217,6 +217,7 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 
 = 1.5.7.1 = 
 * Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
+* Improvement: Multiple Security Improvements.
 * Fixed: Info List - Undefined variable issue with PHP 8.
 
 = 1.5.7 = 

From 64e0b0f97dbce2ebea8f0a2e22377e3c0fc47c06 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Tue, 12 Mar 2024 17:48:45 +0530
Subject: [PATCH 09/11] updated changelog

---
 README.md  | 1 -
 readme.txt | 1 -
 2 files changed, 2 deletions(-)

diff --git a/README.md b/README.md
index 0569c1e2..7a3b9df0 100644
--- a/README.md
+++ b/README.md
@@ -217,7 +217,6 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 
 ### 1.5.7.1 ###
 * Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
-* Improvement: Multiple Security Improvements.
 * Fixed: Info List - Undefined variable issue with PHP 8.
 
 ### 1.5.7 ###
diff --git a/readme.txt b/readme.txt
index be6fabe1..72a79b4b 100644
--- a/readme.txt
+++ b/readme.txt
@@ -217,7 +217,6 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 
 = 1.5.7.1 = 
 * Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
-* Improvement: Multiple Security Improvements.
 * Fixed: Info List - Undefined variable issue with PHP 8.
 
 = 1.5.7 = 

From 96f38ba945c1c7aa6d53b5632092fd1fc27a7912 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Wed, 13 Mar 2024 19:20:18 +0530
Subject: [PATCH 10/11]  WP tag updated

---
 README.md  | 2 +-
 readme.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 7a3b9df0..7681fa46 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 **Donate link:** https://www.paypal.me/BrainstormForce  
 **Tags:** beaver builder, beaver builder free, beaver addons, beaver builder addon, beaver builder add ons, beaver builder lite, beaver builder modules, beaver builder addons, beaver builder extensions, beaver addon, beaver builder plugin, beaver builder wordpress  
 **Requires at least:** 4.6  
-**Tested up to:** 6.4.1  
+**Tested up to:** 6.5  
 **Stable tag:** 1.5.7  
 **License:** GPLv2 or later  
 **License URI:** https://www.gnu.org/licenses/gpl-2.0.html  
diff --git a/readme.txt b/readme.txt
index 72a79b4b..8856c743 100644
--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: brainstormforce
 Donate link: https://www.paypal.me/BrainstormForce
 Tags: beaver builder, beaver builder free, beaver addons, beaver builder addon, beaver builder add ons, beaver builder lite, beaver builder modules, beaver builder addons, beaver builder extensions, beaver addon, beaver builder plugin, beaver builder wordpress
 Requires at least: 4.6
-Tested up to: 6.4.1
+Tested up to: 6.5
 Stable tag: 1.5.7
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html

From 5b1edb111c6d6cda5c0740c666486db5f475d742 Mon Sep 17 00:00:00 2001
From: Vijeta Raikar <110518282+vijetaR@users.noreply.github.com>
Date: Wed, 20 Mar 2024 16:25:37 +0530
Subject: [PATCH 11/11] Tag and Changelog update

---
 README.md             | 4 ++--
 bb-ultimate-addon.php | 4 ++--
 readme.txt            | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 7681fa46..f2be74bf 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
 **Tags:** beaver builder, beaver builder free, beaver addons, beaver builder addon, beaver builder add ons, beaver builder lite, beaver builder modules, beaver builder addons, beaver builder extensions, beaver addon, beaver builder plugin, beaver builder wordpress  
 **Requires at least:** 4.6  
 **Tested up to:** 6.5  
-**Stable tag:** 1.5.7  
+**Stable tag:** 1.5.8  
 **License:** GPLv2 or later  
 **License URI:** https://www.gnu.org/licenses/gpl-2.0.html  
 
@@ -215,7 +215,7 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 
 ## Changelog ##
 
-### 1.5.7.1 ###
+### 1.5.8 ###
 * Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
 * Fixed: Info List - Undefined variable issue with PHP 8.
 
diff --git a/bb-ultimate-addon.php b/bb-ultimate-addon.php
index 716f7c64..e881f0f8 100644
--- a/bb-ultimate-addon.php
+++ b/bb-ultimate-addon.php
@@ -3,7 +3,7 @@
  * Plugin Name: Ultimate Addons for Beaver Builder - Lite
  * Plugin URI: http://www.ultimatebeaver.com/
  * Description: Ultimate Addons is a free extension for Beaver Builder that adds 10 modules, and works on top of any Beaver Builder Package. (Free, Standard, Pro & Agency) You can use it with on any WordPress theme.
- * Version: 1.5.7
+ * Version: 1.5.8
  * Author: Brainstorm Force
  * Author URI: http://www.brainstormforce.com
  * Text Domain: uabb
@@ -18,7 +18,7 @@
 
 	define( 'BB_ULTIMATE_ADDON_DIR', plugin_dir_path( __FILE__ ) );
 	define( 'BB_ULTIMATE_ADDON_URL', plugins_url( '/', __FILE__ ) );
-	define( 'BB_ULTIMATE_ADDON_LITE_VERSION', '1.5.7' );
+	define( 'BB_ULTIMATE_ADDON_LITE_VERSION', '1.5.8' );
 	define( 'BSF_REMOVE_UABB_FROM_REGISTRATION_LISTING', true );
 	define( 'BB_ULTIMATE_ADDON_FILE', trailingslashit( dirname( __FILE__ ) ) . 'bb-ultimate-addon.php' );// @codingStandardsIgnoreLine.
 	define( 'BB_ULTIMATE_ADDON_LITE', true );
diff --git a/readme.txt b/readme.txt
index 8856c743..e6b5a593 100644
--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.me/BrainstormForce
 Tags: beaver builder, beaver builder free, beaver addons, beaver builder addon, beaver builder add ons, beaver builder lite, beaver builder modules, beaver builder addons, beaver builder extensions, beaver addon, beaver builder plugin, beaver builder wordpress
 Requires at least: 4.6
 Tested up to: 6.5
-Stable tag: 1.5.7
+Stable tag: 1.5.8
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 
@@ -215,7 +215,7 @@ Yes it is! This plugin comes with .po and .mo files. It is already translated in
 
 == Changelog ==
 
-= 1.5.7.1 = 
+= 1.5.8 = 
 * Improvement: This update addressed a security bug. Props to Patchstack for privately reporting it to our team.
 * Fixed: Info List - Undefined variable issue with PHP 8.