awesomemotive
diff --git a/‎all_in_one_seo_pack.php‎
Lines changed: 1 addition & 1 deletion b/‎all_in_one_seo_pack.php‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎app/Common/Api/PostsTerms.php‎
Lines changed: 11 additions & 7 deletions b/‎app/Common/Api/PostsTerms.php‎
Lines changed: 11 additions & 7 deletions
diff --git a/‎readme.txt‎
Lines changed: 10 additions & 2 deletions b/‎readme.txt‎
Lines changed: 10 additions & 2 deletions
diff --git a/‎vendor/autoload.php‎
Lines changed: 2 additions & 5 deletions b/‎vendor/autoload.php‎
Lines changed: 2 additions & 5 deletions
diff --git a/‎vendor/composer/InstalledVersions.php‎
Lines changed: 41 additions & 4 deletions b/‎vendor/composer/InstalledVersions.php‎
Lines changed: 41 additions & 4 deletions
@@ -5,7 +5,7 @@
  * Description: SEO for WordPress. Features like XML Sitemaps, SEO for custom post types, SEO for blogs, business sites, ecommerce sites, and much more. More than 100 million downloads since 2007.
  * Author:      All in One SEO Team
  * Author URI:  https://aioseo.com/
- * Version:     4.8.7.1
+ * Version:     4.8.7.2
  * Text Domain: all-in-one-seo-pack
  * Domain Path: /languages
  * License:     GPL-3.0+
 
@@ -284,15 +284,19 @@ public static function loadPostDetailsColumn( $request ) {
 			], 400 );
 		}
 
-		if ( ! current_user_can( 'read_post', $ids[0] ) ) {
-			return new \WP_REST_Response( [
-				'success' => false,
-				'message' => 'Unauthorized.'
-			], 401 );
-		}
-
 		$posts = [];
 		foreach ( $ids as $postId ) {
+			if ( ! current_user_can( 'read_post', $postId ) || post_password_required( $postId ) ) {
+				$posts[] = [
+					'id'                => $postId,
+					'titleParsed'       => '',
+					'descriptionParsed' => '',
+					'headlineScore'     => null
+				];
+
+				continue;
+			}
+
 			$postTitle      = get_the_title( $postId );
 			$headline       = ! empty( $postTitle ) ? sanitize_text_field( $postTitle ) : ''; // We need this to achieve consistency for the score when using special characters in titles
 			$headlineResult = aioseo()->standalone->headlineAnalyzer->getResult( $headline );
 
@@ -4,7 +4,7 @@ Tags: SEO, Google Search Console, XML Sitemap, meta description, schema
 Tested up to: 6.8
 Requires at least: 5.4
 Requires PHP: 7.2
-Stable tag: 4.8.7
+Stable tag: 4.8.7.2
 License: GPLv3 or later
 License URI: https://www.gnu.org/licenses/gpl-3.0.txt
 
@@ -234,6 +234,14 @@ AIOSEO&reg; is a registered trademark of Semper Plugins LLC. When writing about
 
 == Changelog ==
 
+**New in Version 4.8.7.2**
+
+* Updated: Added additional hardening to REST API routes.
+
+**New in Version 4.8.7.1**
+
+* Fixed: WooCommerce products being automatically added to the cart.
+
 **New in Version 4.8.7**
 
 * Updated: Hardened API routes to prevent unauthorized access.
@@ -429,6 +437,6 @@ Additionally, AIOSEO can also provide you with data on the most frequently used
 
 == Upgrade Notice ==
 
-= 4.8.7 =
+= 4.8.7.2 =
 
 This update adds major improvements and bug fixes.
@@ -14,12 +14,9 @@
             echo $err;
         }
     }
-    trigger_error(
-        $err,
-        E_USER_ERROR
-    );
+    throw new RuntimeException($err);
 }
 
 require_once __DIR__ . '/composer/autoload_real.php';
 
-return ComposerAutoloaderInit66b3c54d88e5e61397f1b6cb174129f9::getLoader();
+return ComposerAutoloaderInit7b1b5525a434eea7579fcd6c370bd123::getLoader();
@@ -26,12 +26,23 @@
  */
 class InstalledVersions
 {
+    /**
+     * @var string|null if set (by reflection by Composer), this should be set to the path where this class is being copied to
+     * @internal
+     */
+    private static $selfDir = null;
+
     /**
      * @var mixed[]|null
      * @psalm-var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>}|array{}|null
      */
     private static $installed;
 
+    /**
+     * @var bool
+     */
+    private static $installedIsLocalDir;
+
     /**
      * @var bool|null
      */
@@ -309,6 +320,24 @@ public static function reload($data)
     {
         self::$installed = $data;
         self::$installedByVendor = array();
+
+        // when using reload, we disable the duplicate protection to ensure that self::$installed data is
+        // always returned, but we cannot know whether it comes from the installed.php in __DIR__ or not,
+        // so we have to assume it does not, and that may result in duplicate data being returned when listing
+        // all installed packages for example
+        self::$installedIsLocalDir = false;
+    }
+
+    /**
+     * @return string
+     */
+    private static function getSelfDir()
+    {
+        if (self::$selfDir === null) {
+            self::$selfDir = strtr(__DIR__, '\\', '/');
+        }
+
+        return self::$selfDir;
     }
 
     /**
@@ -322,19 +351,27 @@ private static function getInstalled()
         }
 
         $installed = array();
+        $copiedLocalDir = false;
 
         if (self::$canGetVendors) {
+            $selfDir = self::getSelfDir();
             foreach (ClassLoader::getRegisteredLoaders() as $vendorDir => $loader) {
+                $vendorDir = strtr($vendorDir, '\\', '/');
                 if (isset(self::$installedByVendor[$vendorDir])) {
                     $installed[] = self::$installedByVendor[$vendorDir];
                 } elseif (is_file($vendorDir.'/composer/installed.php')) {
                     /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array<string, array{pretty_version?: string, version?: string, reference?: string|null, type?: string, install_path?: string, aliases?: string[], dev_requirement: bool, replaced?: string[], provided?: string[]}>} $required */
                     $required = require $vendorDir.'/composer/installed.php';
-                    $installed[] = self::$installedByVendor[$vendorDir] = $required;
-                    if (null === self::$installed && strtr($vendorDir.'/composer', '\\', '/') === strtr(__DIR__, '\\', '/')) {
-                        self::$installed = $installed[count($installed) - 1];
+                    self::$installedByVendor[$vendorDir] = $required;
+                    $installed[] = $required;
+                    if (self::$installed === null && $vendorDir.'/composer' === $selfDir) {
+                        self::$installed = $required;
+                        self::$installedIsLocalDir = true;
                     }
                 }
+                if (self::$installedIsLocalDir && $vendorDir.'/composer' === $selfDir) {
+                    $copiedLocalDir = true;
+                }
             }
         }
 
@@ -350,7 +387,7 @@ private static function getInstalled()
             }
         }
 
-        if (self::$installed !== array()) {
+        if (self::$installed !== array() && !$copiedLocalDir) {
             $installed[] = self::$installed;
         }
Original file line number	Diff line number	Diff line change
`@@ -14,12 +14,9 @@`
`14`	`14`	`echo $err;`
`15`	`15`	`}`
`16`	`16`	`}`
`17`		`- trigger_error(`
`18`		`- $err,`
`19`		`- E_USER_ERROR`
`20`		`- );`
	`17`	`+ throw new RuntimeException($err);`
`21`	`18`	`}`
`22`	`19`
`23`	`20`	`require_once __DIR__ . '/composer/autoload_real.php';`
`24`	`21`
`25`		`-return ComposerAutoloaderInit66b3c54d88e5e61397f1b6cb174129f9::getLoader();`
	`22`	`+return ComposerAutoloaderInit7b1b5525a434eea7579fcd6c370bd123::getLoader();`