10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

* fixed security issue CVE ID: CVE-2025-0308

Browse Source 
* fixed security issue CVE ID: CVE-2025-0318
This commit is contained in:
Mykyta Synelnikov
2025-01-08 12:20:35 +02:00
parent 5cefd5ba3a
commit e5fe05503a
2 changed files with 15 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/core/class-member-directory.php
+3 -3
View File
@@ -1727,15 +1727,15 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
break;
}
}
return $search;
// Early escape of the search line. The same as `$wpdb->prepare()`.
return esc_sql( $search );
}
/**
* Handle general search line request
*/
public function general_search() {
//general search
// General search
if ( ! empty( $_POST['search'] ) ) {
// complex using with change_meta_sql function
$search = $this->prepare_search( $_POST['search'] );