Version 2.0.3 of Memberlite theme is out with enhancements to the shortcode, additional color settings in Customize screen for primary navigation, a new theme customizer option to load a “dark” stylesheet (for dark/inverted backgrounds), improved formatting for comments and a tabbed display for separating comments, pingbacks and trackbacks (see demo on this post).
This version also includes a XSS security patch and a couple of bug fixes related to theme customizations, shortcodes, and proper use of Paid Memberships Pro pricing filters on the membership levels page.
If you are running an edited version of Memberlite or Memberlite with a child theme, please update the theme from the updates page of your WordPress dashboard. You can also get the latest version of Memberlite here.
The XSS vulnerability was do to echoing an improperly escaped version of the search query string in the header/h1 area of the page. If you need to manually patch this, you can edit inc/extras.php and change the following section around line 305.
The full list of updates is below.
- ENHANCEMENT: Support added for dark background via customizer setting and additional dark.css
- BUG: Fixing issue with shortcode thumbnail size setting
- BUG: Header text color fix in customizer
- SECURITY: Fixed XSS issue with the h1 display of search queries.
- BUG: Removed pmpro_content_filter from banner description so it is not duplicated in post content.
- BUG: Fixing issue where archvies and index weren’t showing full the_content when set in customizer.
- ENHANCEMENT: Updating Title of Contents and general stylesheet formatting improvements.
- ENHANCEMENT: Added post_parent and thumbnail_size attributes to shortcode.
- ENHANCEMENT: Improved memberlite_getLevelCost function to respect price formatting filters in Paid Memberships Pro.
- ENHANCEMENT: Added masthead banner background image support to front-page template.
- ENHANCEMENT: Added customizer settings for primary navigation bar background color and link color.
- ENHANCEMENT: Added ‘scheme_SCHEMENAME’ to body classes array when an included color scheme is selected in customizer.’
- ENHANCEMENT: Improved formatting for comments, nested comments, pingbacks and trackbacks