Pro v2.3.1 with support for bootstrap tabs & security fixes is available

Posted on 28 May, 2015

Category:

Pro-Version Releases
Attention: this is not the changelog for the latest stable version 4.28 (see related release notes)

As Maps Marker Pro runs on your server, delivering a secure product is very important to us.

24 hours ago, we were contacted by Akamai who performed a intensive security review of Maps Marker Pro and found 3 potential XSS vulnerabilities. Although the exploitability was reported to be pretty low, we immediately started working on this release, fixing these issues. Many thanks especially to Chad from Akamai for the responsible disclosure!

An update to the latest version is – as always and in this case particularly – highly recommended.


Let us know what you think about this new release by submitting a review or leaving a comment below!

If you want to keep up to date with the latest Maps Marker development, please follow @MapsMarker on twitter (= most current updates), on FacebookGoogle+ or subscribe to news via RSS or via RSS/email.

We would also like to invite you to join our affiliate program which offers commissions up to 50%. If you are interested in becoming a reseller, please visit https://www.mapsmarker.com/reseller


Now let´s get to the other highlights of pro v2.3.1:

add support for displaying maps in bootstrap tabs

Maps are now also displayed properly when loaded in bootstrap tabs (as well as jQuery UI tabs which is already supported since v1.1.2).

Other changes and optimizations

  • optimized install- and update routine script (less database queries needed)

Bugfixes

  • 3 potential XSS vulnerabilities discovered by Akamai – many thanks for the responsible disclosure!

Translations updates

Thanks to many motivated contributors, this release includes updates to the following translations:

  • Norwegian (Bokmål) translation thanks to Inge Tang, http://drommemila.no
  • Russian translation thanks to Ekaterina Golubina (supported by Teplitsa of Social Technologies – http://te-st.ru) and Vyacheslav Strenadko, http://poi-gorod.ru

If you want to contribute to translations (new Hindi translators would be appreciated!), please visit https://translate.mapsmarker.com/projects/lmm for more information.

Please note that translators are also compensated for their contribution – for example if a translation is finished less than 50%, the translator receives a free 25 licenses pack worth €149 as a compensation for completing the translation to 100%.

Known issues

Unfortunately there is currently one issue that cannot be resolved directly within Maps Marker Pro:

With WordPress 4.2, Emoji support was added. Unfortunately there is an open bug (details) which can result in frozen maps or crashes on Internet Explorer – so WordPress 4.2, 4.2.1 and 4.2.2 are affected. According to the related trac ticket, a fix is already available and will hopefully be deployed soon with WordPress 4.2.3.

As workaround until WordPress 4.2.3 is available you can only disable Emojis at the moment for maps to also work properly in Internet Explorer.

We am really sorry for this issue, but this is beyond our influence – we already contacted the guys & ladies at WordPress and hope that the fix for the Emoji/SVG bug will be available soon.

Outlook – plans for the next releases

Please understand that we am not being able to promise any release dates for new features. The roadmap for major new features gives you an idea where Maps Marker Pro is heading – anyway we just would want to keep the flexibility to add optimizations and bugfixes with rather unplanned minor releases resulting mostly from users feedback.

Please subscribe to this blog (via RSS or Email) or follow @MapsMarker on twitter (= most current updates) if you want to stay up to date with the latest development news.

Full changelog

add support for displaying maps in bootstrap tabs
optimized install- and update routine script (less database queries needed)
3 potential XSS vulnerabilities discovered by Akamai – many thanks for the responsible disclosure!
Translation updates
In case you want to help with translations, please visit the web-based translation plattform
updated Norwegian (Bokmål) translation thanks to Inge Tang, http://drommemila.no
updated Russian translation thanks to Ekaterina Golubina (supported by Teplitsa of Social Technologies – http://te-st.ru) and Vyacheslav Strenadko, http://poi-gorod.ru
Known issues
Internet Explorer can crash with WordPress 4.2 to 4.2.2 due to Emoji conflict (details) – planned to be fixed with WordPress 4.2.3, workaround until WordPress 4.2.3 is available: disable Emojis

show previous changelogs

How to download / update

The easiest way to update is to use the WordPress update process: login with an user who has admin privileges, navigate to Dashboard / Updates, select plugins to update and press the button “Update Plugins”. The pro plugin checks every 12 hours if a new version is available. You can also manually trigger the update check by going to Plugins and clicking on the link “Manually check for updates” next to “Maps Marker Pro”:

manual-update-check

If you do not see the link “Check for updates” and are using a version below 1.7, please update manually once by downloading the current package from https://www.mapsmarker.com/download-pro and overwritting the existing plugin files on your server via FTP. This might be needed on several hosts, which use outdated SSL libraries, which prevent Maps Marker Pro from making a secure connection to retrieve the update package from mapsmarker.com. Pro v1.7 includes a workaround for those kind of servers and the following updates should work again as usual. If you are affected and need help, please open a support ticket.

How to verify the integrity of the plugin package

SHA-256 hash value:

0a182d9736c28763819daf006cc236408a18482c1653bfc9bc8f9522a249a7ef

Click here for a tutorial on how to verify the integrity of the plugin package (recommended if the plugin package for a new installation was not downloaded from https://www.mapsmarker.com – verification is not needed though if the automatic update process is used)

Additional update notes for beta tester

No additional action on plugin update required.