As Maps Marker Pro runs on your server, delivering a secure product is very important to us.
24 hours ago, we were contacted by Akamai who performed a intensive security review of Maps Marker Pro and found 3 potential XSS vulnerabilities. Although the exploitability was reported to be pretty low, we immediately started working on this release, fixing these issues. Many thanks especially to Chad from Akamai for the responsible disclosure!
An update to the latest version is – as always and in this case particularly – highly recommended.
Let us know what you think about this new release by submitting a review or leaving a comment below!
If you want to keep up to date with the latest Maps Marker development, please follow @MapsMarker on twitter (= most current updates), on Facebook, Google+ or subscribe to news via RSS or via RSS/email.
Now let´s get to the other highlights of pro v2.3.1:
add support for displaying maps in bootstrap tabs
Maps are now also displayed properly when loaded in bootstrap tabs (as well as jQuery UI tabs which is already supported since v1.1.2).
Other changes and optimizations
- optimized install- and update routine script (less database queries needed)
- 3 potential XSS vulnerabilities discovered by Akamai – many thanks for the responsible disclosure!
Thanks to many motivated contributors, this release includes updates to the following translations:
- Norwegian (Bokmål) translation thanks to Inge Tang, http://drommemila.no
- Russian translation thanks to Ekaterina Golubina (supported by Teplitsa of Social Technologies – http://te-st.ru) and Vyacheslav Strenadko, http://poi-gorod.ru
If you want to contribute to translations (new Hindi translators would be appreciated!), please visit https://translate.mapsmarker.com/projects/lmm for more information.
Please note that translators are also compensated for their contribution – for example if a translation is finished less than 50%, the translator receives a free 25 licenses pack worth €149 as a compensation for completing the translation to 100%.
Unfortunately there is currently one issue that cannot be resolved directly within Maps Marker Pro:
With WordPress 4.2, Emoji support was added. Unfortunately there is an open bug (details) which can result in frozen maps or crashes on Internet Explorer – so WordPress 4.2, 4.2.1 and 4.2.2 are affected. According to the related trac ticket, a fix is already available and will hopefully be deployed soon with WordPress 4.2.3.
As workaround until WordPress 4.2.3 is available you can only disable Emojis at the moment for maps to also work properly in Internet Explorer.
We am really sorry for this issue, but this is beyond our influence – we already contacted the guys & ladies at WordPress and hope that the fix for the Emoji/SVG bug will be available soon.
Outlook – plans for the next releases
Please understand that we am not being able to promise any release dates for new features. The roadmap for major new features gives you an idea where Maps Marker Pro is heading – anyway we just would want to keep the flexibility to add optimizations and bugfixes with rather unplanned minor releases resulting mostly from users feedback.
|add support for displaying maps in bootstrap tabs|
|optimized install- and update routine script (less database queries needed)|
|3 potential XSS vulnerabilities discovered by Akamai – many thanks for the responsible disclosure!|
In case you want to help with translations, please visit the web-based translation plattform
|updated Norwegian (Bokmål) translation thanks to Inge Tang, http://drommemila.no|
|updated Russian translation thanks to Ekaterina Golubina (supported by Teplitsa of Social Technologies – http://te-st.ru) and Vyacheslav Strenadko, http://poi-gorod.ru|
|Internet Explorer can crash with WordPress 4.2 to 4.2.2 due to Emoji conflict (details) – planned to be fixed with WordPress 4.2.3, workaround until WordPress 4.2.3 is available: disable Emojis|
How to download / update
The easiest way to update is to use the WordPress update process: login with an user who has admin privileges, navigate to Dashboard / Updates, select plugins to update and press the button “Update Plugins”. The pro plugin checks every 12 hours if a new version is available. You can also manually trigger the update check by going to Plugins and clicking on the link “Manually check for updates” next to “Maps Marker Pro”:
If you do not see the link “Check for updates” and are using a version below 1.7, please update manually once by downloading the current package from https://www.mapsmarker.com/download-pro and overwritting the existing plugin files on your server via FTP. This might be needed on several hosts, which use outdated SSL libraries, which prevent Maps Marker Pro from making a secure connection to retrieve the update package from mapsmarker.com. Pro v1.7 includes a workaround for those kind of servers and the following updates should work again as usual. If you are affected and need help, please open a support ticket.
How to verify the integrity of the plugin package
SHA-256 hash value:
Click here for a tutorial on how to verify the integrity of the plugin package (recommended if the plugin package for a new installation was not downloaded from https://www.mapsmarker.com – verification is not needed though if the automatic update process is used)
Additional update notes for beta tester
No additional action on plugin update required.