From e5fe05503a9b4bfc4c0516a9ce4f78ece1a0c4b6 Mon Sep 17 00:00:00 2001
From: Mykyta Synelnikov
Date: Wed, 8 Jan 2025 12:20:35 +0200
Subject: [PATCH] * fixed security issue CVE ID: CVE-2025-0308 * fixed security issue CVE ID: CVE-2025-0318
---
 includes/core/class-member-directory.php | 6 +++---
 includes/core/um-actions-form.php | 25 ++++++++++++------------
 2 files changed, 15 insertions(+), 16 deletions(-)

diff --git a/includes/core/class-member-directory.php b/includes/core/class-member-directory.php
index dd40f0dd..d535eaaa 100644
--- a/includes/core/class-member-directory.php
+++ b/includes/core/class-member-directory.php
@@ -1727,15 +1727,15 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
 					break;
 				}
 			}
-
-			return $search;
+			// Early escape of the search line. The same as `$wpdb->prepare()`.
+			return esc_sql( $search );
 		}
 
 		/**
 		 * Handle general search line request
 		 */
 		public function general_search() {
-			//general search
+			// General search
 			if ( ! empty( $_POST['search'] ) ) {
 				// complex using with change_meta_sql function
 				$search = $this->prepare_search( $_POST['search'] );
diff --git a/includes/core/um-actions-form.php b/includes/core/um-actions-form.php
index bf3560be..097ab0c4 100644
--- a/includes/core/um-actions-form.php
+++ b/includes/core/um-actions-form.php
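Review bot: The comment above `return esc_sql( $search );` overstates the guarantee: `esc_sql()` only escapes a value for interpolation inside a quoted SQL string literal and is not equivalent to `$wpdb->prepare()`; it does not escape the `LIKE` wildcards `%` and `_`, so a consumer that builds a `LIKE` clause still needs `$wpdb->esc_like()` applied before this escape, and the value must never be interpolated unquoted. Escaping at the source also means any later consumer that passes the same string through `$wpdb->prepare()` will double-escape it, which is a correctness risk worth recording. Suggested replacement comment: `// Escaped for direct interpolation inside a quoted SQL string only; do not run it through $wpdb->prepare() again, and apply $wpdb->esc_like() first if it is used in a LIKE clause.` The body of prepare_search() starts outside the hunk, so what `$search` holds at this point cannot be confirmed here.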
@@ -933,20 +933,19 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
 				} elseif ( ! UM()->validation()->safe_username( $submitted_data[ $key ] ) ) {
 					UM()->form()->add_error( $key, __( 'Your email contains invalid characters', 'ultimate-member' ) );
 				}
+				break;
+			}
+
+			if ( '' === $submitted_data[ $key ] ) {
+				UM()->form()->add_error( $key, __( 'You must provide your email', 'ultimate-member' ) );
+			} elseif ( ! is_email( $submitted_data[ $key ] ) || email_exists( $submitted_data[ $key ] ) ) {
+				UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
 			} else {
-
-				if ( '' !== $submitted_data[ $key ] && ! is_email( $submitted_data[ $key ] ) ) {
-					UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
-				} elseif ( '' !== $submitted_data[ $key ] && email_exists( $submitted_data[ $key ] ) ) {
-					UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
-				} elseif ( '' !== $submitted_data[ $key ] ) {
-
-					$users = get_users( 'meta_value=' . $submitted_data[ $key ] );
-
-					foreach ( $users as $user ) {
-						if ( $user->ID !== $submitted_data['user_id'] ) {
-							UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
-						}
+				// There we have valid and unique user_email. But need to check in usermeta table for other users.
+				$users = get_users( 'meta_value=' . $submitted_data[ $key ] );
+				foreach ( $users as $user ) {
+					if ( $user->ID !== $submitted_data['user_id'] ) {
+						UM()->form()->add_error( $key, __( 'The email you entered is incorrect', 'ultimate-member' ) );
 					}
 				}
 			}
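Review bot: The re-added `$users = get_users( 'meta_value=' . $submitted_data[ $key ] );` still builds the query arguments as a string from form input; `get_users()` runs that string through `wp_parse_args()`, and since `is_email()` accepts `&` in the local part, a submitted value can split into additional `WP_User_Query` arguments rather than staying a single `meta_value`. Passing the arguments as an array keeps the value opaque: `$users = get_users( array( 'meta_value' => $submitted_data[ $key ] ) );`. Separately, the `$user->ID !== $submitted_data['user_id']` comparison is strict while `$submitted_data['user_id']` presumably arrives as a string from the form, so the branch may flag the submitting user's own email; this looks pre-existing but is worth casting both sides with `(int)`. The enclosing `um_submit_form_errors_hook_()` and the `switch`/loop that the added `break;` exits start outside the hunk.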