Merge pull request #1769 from ultimatemember/fix/CVE-2025-13220

Fix security vulnerability CVE-2025-13220 in Ultimate Member.
This commit is contained in:
Mykyta Synelnikov
2025-12-16 17:13:45 +02:00
committed by GitHub
3 changed files with 21 additions and 33 deletions
+5 -2
View File
@@ -2,8 +2,11 @@
= 2.11.1 December xx, 2025 =
Fixed: CVE-2025-13217.
Fixed: CVE-2025-14081.
* Bugfixes:
- Fixed: CVE-2025-13220.
- Fixed: CVE-2025-13217.
- Fixed: CVE-2025-14081.
= 2.11.0 December 02, 2025 =
+12 -31
View File
@@ -527,10 +527,10 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
*
* @return string
*/
function ultimatemember_login( $args = array() ) {
public function ultimatemember_login( $args = array() ) {
global $wpdb;
$args = ! empty( $args ) ? $args : array();
$args = shortcode_atts( array(), $args, 'ultimatemember_login' );
$default_login = $wpdb->get_var(
"SELECT pm.post_id
@@ -547,23 +547,18 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
$shortcode_attrs .= " {$key}=\"{$value}\"";
}
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
return do_shortcode( "[ultimatemember {$shortcode_attrs} /]" );
} else {
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
/**
* @param array $args
*
* @return string
*/
function ultimatemember_register( $args = array() ) {
public function ultimatemember_register( $args = array() ) {
global $wpdb;
$args = ! empty( $args ) ? $args : array();
$args = shortcode_atts( array(), $args, 'ultimatemember_register' );
$default_register = $wpdb->get_var(
"SELECT pm.post_id
@@ -580,23 +575,18 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
$shortcode_attrs .= " {$key}=\"{$value}\"";
}
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
return do_shortcode( "[ultimatemember {$shortcode_attrs} /]" );
} else {
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
/**
* @param array $args
*
* @return string
*/
function ultimatemember_profile( $args = array() ) {
public function ultimatemember_profile( $args = array() ) {
global $wpdb;
$args = ! empty( $args ) ? $args : array();
$args = shortcode_atts( array(), $args, 'ultimatemember_profile' );
$default_profile = $wpdb->get_var(
"SELECT pm.post_id
@@ -614,23 +604,18 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
$shortcode_attrs .= " {$key}=\"{$value}\"";
}
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
return do_shortcode( "[ultimatemember {$shortcode_attrs} /]" );
} else {
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
/**
* @param array $args
*
* @return string
*/
function ultimatemember_directory( $args = array() ) {
public function ultimatemember_directory( $args = array() ) {
global $wpdb;
$args = ! empty( $args ) ? $args : array();
$args = shortcode_atts( array(), $args, 'ultimatemember_directory' );
$default_directory = $wpdb->get_var(
"SELECT pm.post_id
@@ -648,11 +633,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
$shortcode_attrs .= " {$key}=\"{$value}\"";
}
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
return do_shortcode( "[ultimatemember {$shortcode_attrs} /]" );
} else {
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
return apply_shortcodes( "[ultimatemember {$shortcode_attrs} /]" );
}
/**
+4
View File
@@ -171,6 +171,7 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI
**Bugfixes**
* Fixed: CVE-2025-13220.
* Fixed: CVE-2025-13217.
* Fixed: CVE-2025-14081.
* Fixed: CVE-2025-12492.
@@ -340,6 +341,9 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI
== Upgrade Notice ==
= 2.11.1 =
This version fixes a security related bug. Upgrade immediately.
= 2.10.4 =
This version fixes a security related bug. Upgrade immediately.