fix security issue of page import

Author: rayhanuddin2019

inc/admin/st-init.php

@@ -136,9 +136,12 @@ public function save_wp_page_import_track($post_id, $original_id, $postdata, $da
 	}
 
 	function aae_get_latest_imported_pages() {
-		// Optional nonce check
-		if (isset($_POST['nonce']) && ! wp_verify_nonce(sanitize_text_field($_POST['nonce']), 'wcf_admin_nonce')) {
-			wp_send_json_error(['message' => 'Invalid nonce'], 403);
+		// phpcs:disable WordPress.Security.NonceVerification.Missing
+		if (
+			! isset( $_POST['nonce'] ) ||
+			! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['nonce'] ) ), 'wcf_admin_nonce' )
+		) {
+			wp_send_json_error( [ 'message' => 'Invalid or missing nonce' ], 403 );
 		}
 
 		$per_page = isset($_POST['per_page']) ? max(1, (int) $_POST['per_page']) : 1; // latest one by default

readme.txt

@@ -2,7 +2,7 @@
 Contributors: wealcoder, wcrayhan, jhshakil, ahsanriad, hamimbepari, devsabbirhossain
 Donate link: https://buy.stripe.com/3cs3dI7DQauI0py9AC
 Tags: Elementor, Elementor Addons, Elementor Templates, Animation, Templates
-Requires at least: 6.0
+Requires at least: 6.6
 Tested up to: 6.8
 Requires PHP: 7.4
 Stable tag: 2.4.0