Merge pull request #1771 from ultimatemember/fix/CVE-2025-14081

Fix: CVE-2025-14081 and update field filtering logic.
This commit is contained in:
Mykyta Synelnikov
2025-12-16 17:10:54 +02:00
committed by GitHub
3 changed files with 9 additions and 4 deletions
+1 -1
View File
@@ -2,7 +2,7 @@
= 2.11.1 December xx, 2025 = = 2.11.1 December xx, 2025 =
Fixed: CVE-2025-14081
= 2.11.0 December 02, 2025 = = 2.11.0 December 02, 2025 =
+7 -3
View File
@@ -473,23 +473,27 @@ if ( ! class_exists( 'um\core\Account' ) ) {
return $url; return $url;
} }
/** /**
* @param $fields * @param $fields
* @param $shortcode_args * @param $shortcode_args
* @return mixed * @return mixed
*/ */
function filter_fields_by_attrs( $fields, $shortcode_args ) { private function filter_fields_by_attrs( $fields, $shortcode_args ) {
foreach ( $fields as $k => $field ) { foreach ( $fields as $k => $field ) {
if ( isset( $shortcode_args[ $field['metakey'] ] ) && 0 == $shortcode_args[ $field['metakey'] ] ) { if ( isset( $shortcode_args[ $field['metakey'] ] ) && 0 == $shortcode_args[ $field['metakey'] ] ) {
unset( $fields[ $k ] ); unset( $fields[ $k ] );
continue;
}
// required user permission 'required_perm' - it's field attribute predefined in the field data in code.
if ( isset( $data['required_perm'] ) && ! UM()->roles()->um_user_can( $data['required_perm'] ) ) {
unset( $fields[ $k ] );
} }
} }
return $fields; return $fields;
} }
/** /**
* Init displayed fields for security check * Init displayed fields for security check
* *
+1
View File
@@ -171,6 +171,7 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI
**Bugfixes** **Bugfixes**
* Fixed: CVE-2025-14081.
* Fixed: CVE-2025-12492. * Fixed: CVE-2025-12492.
= 2.11.0 2025-12-02 = = 2.11.0 2025-12-02 =