4 Releases 35 Tags

• v0.7.0 36e1fdc20a

  Compare

  Version 0.7.0 - Security Hardening

  magdev released this 2026-01-28 10:32:16 +00:00

  Security Fixes:

  • Fixed XSS vulnerability in checkout blocks DOM injection
  • Unified IP detection for rate limiting across all API endpoints
  • Added rate limiting to license transfers (5/hour) and downloads (30/hour)
  • Added file size, row limit, and rate limiting to CSV import
  • Added JSON decode error handling in StoreApiExtension
  • Added license ID validation to prevent selector injection

  New Files:

  • src/Api/IpDetectionTrait.php - Shared IP detection with proxy support
  • src/Common/RateLimitTrait.php - Reusable rate limiting for frontend operations

  Release package: wc-licensed-product-0.7.0.zip (883 KB)
  SHA256: 12f8452316e350273003f36bf6d7b7121a7bedc9a6964c3d0732d26318d94c18

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)