Merge branch 'master' into develop

ajaydsouza · ajaydsouza · commit c479c7648981 · 2025-07-16T17:41:27.000+01:00
diff --git a/includes/class-cpt.php b/includes/class-cpt.php
@@ -37,7 +37,7 @@ public function __construct() {
 	 * @since 2.3.0
 	 */
 	public static function register_post_type() {
-		$slug     = \wzkb_get_option( 'kb_slug', 'knowledgebase' );
+		$slug     = sanitize_title( \wzkb_get_option( 'kb_slug', 'knowledgebase' ) );
 		$archives = defined( 'WZKB_DISABLE_ARCHIVE' ) && WZKB_DISABLE_ARCHIVE ? false : $slug;
 		$rewrite  = defined( 'WZKB_DISABLE_REWRITE' ) && WZKB_DISABLE_REWRITE ? false : array(
 			'slug'       => $slug,
diff --git a/knowledgebase.php b/knowledgebase.php
diff --git a/readme.txt b/readme.txt
@@ -121,8 +121,8 @@ You can report security bugs through the Patchstack Vulnerability Disclosure Pro
 
 == Upgrade Notice ==
 
-= 2.3.1 =
-Fixed security issue where arguments passed to the shortcodes were not properly sanitized.
+= 2.3.2 =
+Fixed security issue where Knowledge Base slug in settings was not sanitized.
 
 == Changelog ==
 
@@ -151,6 +151,11 @@ Fixed security issue where arguments passed to the shortcodes were not properly
 		* And other similar class name changes
 	* If you have custom CSS targeting these classes, you'll need to update your selectors
 
+= 2.3.2 =
+
+* Bug fixes:
+	* Fixed security issue where Knowledge Base slug in settings was not sanitized.
+
 = 2.3.1 =
 
 * Bug fixes:
