We have released the latest version, v1.96e, that addresses multiple vulnerabilities.
Addressed issues
JVN # 25169201 、 JVN # 78136476 、 JVN # 82637986 、 JVN # 86758963 、 JVN # 95687190 、 JVNVU # 99467898
In this version, the specifications have been changed so that scripts cannot be pasted at all.
To make it work as usual, please add the following two lines to the end of config.php after considering the danger of the pasted script.
define("SAVE_CONTENTS_SCRIPT", true);
define("ECHO_CONTENTS_SCRIPT", true);
The first line is an option that allows the text containing the script to be stored in the database
The second line gives you the option to allow the script contained in the text to run.
* You can also delete define ("SAVE_CONTENTS_SCRIPT", true); only when you need to save the script .
Thank you for your cooperation.