update

Author: rayhanuddin2019

animation-addons-for-elementor.php

@@ -3,7 +3,7 @@
  * Plugin Name: Animation Addons
  * Description: Animation Addons for Elementor comes with GSAP Animation Builder, Customizable Widgets, Header Footer, Single Post, Archive Page Builder, and more.
  * Plugin URI:  https://animation-addons.com/
- * Version:     2.3.11
+ * Version:     2.3.12
  * Author:      Wealcoder
  * Author URI:  https://animation-addons.com/
  * License:           GPL v2 or later
@@ -26,7 +26,7 @@
 	/**
 	 * Plugin Version.
 	 */
-	define( 'WCF_ADDONS_VERSION', '2.3.11' );
+	define( 'WCF_ADDONS_VERSION', '2.3.12' );
 }
 if ( ! defined( 'WCF_ADDONS_FILE' ) ) {
 	/**

class-plugin.php

@@ -937,7 +937,7 @@ private function include_files()
 		include_once WCF_ADDONS_PATH . 'inc/post-rating-handler.php';
 		include_once WCF_ADDONS_PATH . 'inc/category-fields.php';
 		include_once WCF_ADDONS_PATH . 'inc/admin/image-cache.php';
-		include_once WCF_ADDONS_PATH . 'inc/admin/page-import.php';
+		//include_once WCF_ADDONS_PATH . 'inc/admin/page-import.php';
 		include_once WCF_ADDONS_PATH . 'widgets/mailchimp/mailchimp-api.php';
 		include_once WCF_ADDONS_PATH . 'inc/trait-wcf-nested-slider.php';
 

inc/theme-builder/theme-builder.php

@@ -1442,12 +1442,12 @@ class="bi bi-x-lg" viewBox="0 0 16 16"><path
 								<label class="wcf-addons-template-edit-label">{{{data.heading.fields.trigger}}}</label>
 									<select class="wcf-addons-template-edit-input" name="wcf-addons--popup--builder-trigger"
 										id="wcf-addons--popup--builder-trigger">
-										<option value="click"><?php echo esc_html__('Click', 'animation-addons-for-elementor'); ?></option>
+										<!-- <option value="click"><?php echo esc_html__('Click', 'animation-addons-for-elementor'); ?></option> -->
 										<option value="pageloaded"><?php echo esc_html__('Page Loaded', 'animation-addons-for-elementor'); ?></option>
 										<option value="pageexit"><?php echo esc_html__('Page Body Exist', 'animation-addons-for-elementor'); ?></option>
-										<option value="user_inactivity"><?php echo esc_html__('User Inactivity', 'animation-addons-for-elementor'); ?></option>
-										<option value="page_scroll"><?php echo esc_html__('Page Scroll', 'animation-addons-for-elementor'); ?></option>
-										<option value="page_scroll_up"><?php echo esc_html__('Page Scroll Up', 'animation-addons-for-elementor'); ?></option>
+										<!-- <option value="user_inactivity"><?php echo esc_html__('User Inactivity', 'animation-addons-for-elementor'); ?></option> -->
+										<!-- <option value="page_scroll"><?php echo esc_html__('Page Scroll', 'animation-addons-for-elementor'); ?></option> -->
+										<!-- <option value="page_scroll_up"><?php echo esc_html__('Page Scroll Up', 'animation-addons-for-elementor'); ?></option> -->
 									</select>
 							</div>
 							<div class="wcf-addons-template-edit-field aae-popup-builder-location hidden">

inc/trait-wcf-post-query.php

@@ -734,6 +734,7 @@ protected function query_arg() {
 
 		if(isset($_GET['aae-ajax-filter']))
 		{
+			// phpcs:ignore WordPress.Security.NonceVerification.Recommended
 			if(isset($_GET['tax']) && isset($_GET['term']) && $_GET['term'] != 'all'){
 				$query_args['tax_query'][] = [
 					'taxonomy' => sanitize_text_field( wp_slash( $_GET['tax'] ) ),
@@ -745,15 +746,18 @@ protected function query_arg() {
 
 		if(isset($_GET['aae-ajax-filter']))
 		{
+			// phpcs:ignore WordPress.Security.NonceVerification.Recommended
 			if(isset($_GET['tax']) && isset($_GET['term']) && $_GET['term'] != 'all'){
 				$query_args['tax_query'][] = [
 					'taxonomy' => sanitize_text_field( wp_slash( $_GET['tax'] ) ),
 					'field'    => 'term_id',
 					'terms'    => sanitize_text_field( wp_slash( $_GET['term'] ) ),
 				];				
 			}
+			// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Read-only access to a public pagination var. No state change, DB write, or sensitive action.
+			// Also fully sanitized to prevent injection.
 			if(isset($_GET['tax']) && isset($_GET['term']) && isset($_GET['cpaged'])){
-				$query_args['paged'] = sanitize_text_field( wp_slash( $_GET['cpaged'] ) );
+				$query_args['paged'] = absint( sanitize_text_field( wp_slash( $_GET['cpaged'] ) ) );
 			}		
 		}
 

readme.txt

@@ -5,7 +5,7 @@ Tags: Elementor, Elementor Addons, Elementor Templates, Animation, Templates
 Requires at least: 6.0
 Tested up to: 6.8
 Requires PHP: 7.4
-Stable tag: 2.3.11
+Stable tag: 2.3.12
 License: GPL v2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 
@@ -98,7 +98,7 @@ Once your website is designed with all the essential elements, enhance its funct
 **Wrapper Link**: Transform entire container sections into clickable links for seamless navigation.
 **[Popup](https://animation-addons.com/extensions/pop-up/)**: Create engaging popups to enhance user interaction and showcase important content.
 **Tilt Effect**: Tilt an element based on the visitor’s mouse movement for a dynamic visual experience.
-**Advanced Tooltip**: Display additional information about elements when users hover over them.
+**[Advanced Tooltip](https://animation-addons.com/extensions/advanced-tooltip/)**: Display additional information about elements when users hover over them.
 **Custom Fonts**: Integrate unique custom fonts to maintain a consistent brand identity.
 **Mega Menu**: Create a customizable, expansive mega menu for seamless navigation.
 
@@ -422,6 +422,14 @@ See the unminified JS and CSS in our public repo: [GitHub Repository](https://gi
 
 == Changelog ==
 
+= Animation Addons for Elementor v2.3.12 – 02 September 2025 =
+
+  - 🎨 Fixed: Toggle Widget for smoother interaction and better user experience
+  - 🎨 Fixed: Mailchimp Widget subscribing issue to ensure seamless email marketing integration
+  - 🎨 Fixed: Nested Element editor loading issue for faster, stable page building
+  - 🆕 Added: Code Snippet visibility option to give you more control and flexibility in your projects
+  - ✏️ Improved: Dashboard Starter Template design and filter for easier access to 200+ websites & 10,000+ sections
+
 = Animation Addons for Elementor v2.3.11 – 19 august 2025 = 
   - 🆕 **Added:** Starter Template Menu
   - 🎨 **Fixed:** Mobile navigation overlay issue for smoother user experience

widgets/mailchimp/mailchimp-api.php

@@ -89,16 +89,20 @@ private static function normalize_and_validate_email($raw) {
      * Add/Update a subscriber (idempotent)
      */
     public static function insert_subscriber_to_mailchimp($submitted_data) {
-        if (!isset($_REQUEST['nonce']) || !wp_verify_nonce($_REQUEST['nonce'], 'wcf-addons-frontend')) {
+
+        // 0) Basic nonce check
+        $nonce = isset($_REQUEST['nonce']) ? sanitize_text_field(wp_unslash($_REQUEST['nonce'])) : '';
+
+        if (!isset($_REQUEST['nonce']) || !wp_verify_nonce($nonce , 'wcf-addons-frontend')) {
             wp_send_json_error('Invalid nonce');
         }
 
         // 1) Decode API key and basic inputs
         $api_key = '';
         if (!empty($_POST['key'])) {
-            $api_key = str_replace('w1c2f', '', base64_decode(wp_unslash($_POST['key'])));
+            $api_key = str_replace('w1c2f', '', base64_decode( sanitize_text_field( wp_unslash($_POST['key']) )));
         }
-        $list_id = isset($_POST['listId']) ? trim((string) wp_unslash($_POST['listId'])) : '';
+        $list_id = isset($_POST['listId']) ? trim((string) sanitize_text_field( wp_unslash($_POST['listId']))) : '';
         $double  = (isset($_POST['doubleOpt']) && $_POST['doubleOpt'] === 'yes');
 
         if (!$api_key || !$list_id) {
@@ -121,7 +125,7 @@ public static function insert_subscriber_to_mailchimp($submitted_data) {
         // 3) Optional tags (array of strings)
         $tags = [];
         if (!empty($_POST['listTags'])) {
-            $tags = array_filter(array_map('trim', preg_split('/\s*,\s*/', wp_unslash($_POST['listTags']))));
+            $tags = array_filter(array_map('trim', preg_split('/\s*,\s*/', sanitize_text_field(wp_unslash($_POST['listTags'])))));
         }
 
         // 4) Build merge_fields safely