📁
SKYSHELL MANAGER
PHP v8.2.31
Create
Create
Path:
root
/
home
/
thevaxnx
/
nativize.com
/
staging
/
wp-includes
/
js
/
tinymce
/
themes
/
Name
Size
Perm
Actions
📁
inlite
-
0755
🗑️
🏷️
🔒
📁
modern
-
0755
🗑️
🏷️
🔒
📄
wp-links-opml.php
6.83 KB
0444
🗑️
🏷️
⬇️
✏️
🔒
Edit: changelog.txt
v7.7.1 Released on July 13th, 2026 Hotfixes Just when you publish a new release, there is another vulnerability reported… Which means we need to ship a fix ASAP. fix #4514 : Hotfix on webshop by @ildyria. A user can craft a post request and get discounted prices on the webshop. This is now fixed. fix #4516 : Fix Sqlite bug on virtual columns by @ildyria. When using sqlite, the virtual columns were not properly handled. This is now fixed. Thanks to @5ud0er for reporting the bypass vulnerability on pricing. v7.7.0 Released on July 13th, 2026 Fixes vulnerabilities, bugs and adds a few new features If we were only fixing vulnerabilities, this would have been a simple patch release. However, we also added a few new features and fixed some bugs: you can now choose which thumb to use as the cover for your tag albums, disable the second line on album thumbs (usually a date), and customize the title and description of the RSS feed. We also fixed two major issues related to group access rights and the propagation algorithm. Users of the webshop should update to this version as soon as possible, as one of the validation mechanisms was not working properly and could allow for some freebies. new #4469 : Add option to disable the second line on album thumbs by @ildyria. This is a small quality of life improvement, some users requested to have the second line on album thumbs disabled. This is now possible via a setting in the admin panel. new #4470 : Add cover to tag albums by @ildyria. By request, we added the possibility to choose which photo to use as the cover for tag albums. This allows to have a better representation of the tag album. new #4468 : Make the tags clickable in the photo details by @ildyria. By request, we made the tags clickable in the photo details. This allows to quickly navigate to the tag album and see all photos with the same tag. Note that this is only available to logged-in users. new #4484 : Support 2 lines titles on thumbs with disabled second line by @ildyria. When the second line is disabled, the title of albums will be displayed on two lines if necessary. new #4501 : Allow customizing RSS feed title & description by @cdzombak. Our very own @cdzombak added the possibility to customize the title and description of the RSS feed. This allows to have a better representation of the feed in RSS readers. new #4500 : RSS Feed includes oneper photo by @cdzombak. new #4503 : Add option to configure cache file path by @ildyria. A small request, we added the possibility to configure the cache file path. This allows to have a better control on the cache files and avoid potential issues with permissions. fix #4480 : Update changelog url by @ildyria. With the migration to astro Starlight, the changelog url was not updated. This is now fixed. fix #4481 : Fix propagation error by @ildyria. When propagating access rights to sub-albums we were faced with a combinatory explosion. This is now fixed. fix #4482 : Fixes access rights with multiple groups by @ildyria. When a user was part of multiple groups, only the first policy was used to determine the access rights to an album. This is now fixed. fix #4486 : Fix nsfw warning not being displayed by @ildyria. When an album is marked as NSFW, the warning was not displayed on the album page. This is now fixed. fix #4499 : Fix photos appearing multiple times per-album in RSS feed by @cdzombak. Chris also fixed the duplicates presentation in the RSS feed: one photo in multiple albums will now only appear once in the feed. fix #4507 : Fix dummy validation when processing requests by @ildyria. Major vulnerability, @UmutCPP reported that the validation of the requests was not properly done, allowing for some bypasses. This is now fixed. fix #4510 : Add middleware and caching for docs API by @ildyria. The docs API takes a few seconds to generates, an attacker could spam the endpoint and cause a denial of service. We added a middleware to cache the response and avoid this issue. Issue reported by @UmutCPP. fix #4511 : Avoid large malicious uploads and wasting CPU cycles by @ildyria. A malicious user with upload rights could upload a small pdf and cause the server to waste CPU cycles and memory by converting it to a large image. We now limit the size of the uploaded files and avoid this issue. Issue reported by @UmutCPP. klo #4489 : Fixes HEIC processing in CICD by @ildyria. klo #4466 : Improve demo workflow by @ildyria. klo #4512 : Improve Readme by @ildyria. klo #4508 : Please do not report fopen DNS rebinding issues by @ildyria. Thanks to @UmutCPP for reporting those three vulnerabilities. v7.6.4 What's Changed 🏕 Features Add missing tile for bulk album edit by @ildyria in #4464 Add configurable sharable preview by @ildyria in #4463 Please don't tell anyone about this commit. It's a secret. by @ildyria in #4465 v7.6.3 What's Changed 🏕 Features Hardcode sqlite migration key-drop fix by @ildyria in #4458 Fix download bypass on password protected albums by @ildyria in #4459 Version 7.6.3 by @ildyria in #4461 Do not display errors when feature is disabled by @ildyria in #4462 👒 Dependencies chore(deps-dev): bump rector/rector from 2.5.1 to 2.5.2 in the development-dependencies group by @dependabot[bot] in #4455 chore(deps-dev): bump @typescript-eslint/parser from 8.61.1 to 8.62.0 in the development-dependencies group by @dependabot[bot] in #4454
Save