We’ve just pushed an update to FooBox, bringing it to version 18.104.22.168. We recommend updating FooBox as soon as possible using the auto-update feature or by logging into your FooPlugins account and getting the latest copy.
We take security very seriously and with that in mind have patched an issue found in some code we’re using in the settings area of FooBox. Because this code only exists in the admin side, the likelihood of exploitation was very low as it meant that a potential threatening user would already need admin access.
We’ve posted the class on GitHub and welcome you to have a look, review the code, and offer your input.
New FooBox Features
You can see the entire changelog below, but I wanted to point out one especially useful feature addition.
FooBox Exclude Metabox for Pages and Posts
This new feature allows you to exclude FooBox from loading on specific pages and posts.
This was a commonly requested feature from our users, especially those using a variety of methods for displaying their media.
Last updated 25 Feb 2014
2014.02.25 – version 22.214.171.124
- Updated foolic_validation class (potential XSS vulnerability)
2014.02.22 – version 126.96.36.199
- Added check for # in custom CSS classes
- Rather bind to body over document for all images setting
2014.02.20 – version 188.8.131.52
- Added fix for overriding captions on WP galleries
2014.02.17 – version 184.108.40.206
- Added option to hide social icons initially
- Added option to hide caption initially
- Added radio option to choose how to share items via social icons
2014.02.13 – version 220.127.116.11
- FB share tried to use attachment page so correct image is shown in timelines
2014.02.08 – version 18.104.22.168
- Added FooBox Exclude metabox to pages and posts