Merge pull request #1770 from ultimatemember/fix/CVE-2025-13217

Fix: Address CVE-2025-13217 and improve input sanitization
This commit is contained in:
Mykyta Synelnikov
2025-12-16 17:12:17 +02:00
committed by GitHub
3 changed files with 9 additions and 6 deletions
+2 -1
View File
@@ -2,7 +2,8 @@
= 2.11.1 December xx, 2025 = = 2.11.1 December xx, 2025 =
Fixed: CVE-2025-14081 Fixed: CVE-2025-13217.
Fixed: CVE-2025-14081.
= 2.11.0 December 02, 2025 = = 2.11.0 December 02, 2025 =
+6 -5
View File
@@ -76,15 +76,15 @@ function um_profile_field_filter_hook__youtube_video( $value, $data ) {
} }
$value = ( strstr( $value, 'http' ) || strstr( $value, '://' ) ) ? um_youtube_id_from_url( $value ) : $value; $value = ( strstr( $value, 'http' ) || strstr( $value, '://' ) ) ? um_youtube_id_from_url( $value ) : $value;
if ( false !== $value ) { if ( false !== $value ) {
$value = 'https://www.youtube.com/embed/' . $value;
$value = '<div class="um-youtube">' $value = '<div class="um-youtube">'
. '<iframe width="600" height="450" src="https://www.youtube.com/embed/' . $value . '" frameborder="0" allowfullscreen></iframe>' . '<iframe width="600" height="450" src="' . esc_url( $value ) . '" frameborder="0" allowfullscreen></iframe>'
. '</div>'; . '</div>';
} }
return $value; return $value;
} }
add_filter( 'um_profile_field_filter_hook__youtube_video', 'um_profile_field_filter_hook__youtube_video', 99, 2 ); add_filter( 'um_profile_field_filter_hook__youtube_video', 'um_profile_field_filter_hook__youtube_video', 99, 2 );
/** /**
* Outputs a spotify iframe * Outputs a spotify iframe
* *
@@ -127,8 +127,9 @@ function um_profile_field_filter_hook__vimeo_video( $value, $data ) {
} }
$value = ! is_numeric( $value ) ? (int) substr( parse_url( $value, PHP_URL_PATH ), 1 ) : $value; $value = ! is_numeric( $value ) ? (int) substr( parse_url( $value, PHP_URL_PATH ), 1 ) : $value;
$value = 'https://player.vimeo.com/video/' . $value;
$value = '<div class="um-vimeo"> $value = '<div class="um-vimeo">
<iframe src="https://player.vimeo.com/video/' . $value . '" width="600" height="450" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe> <iframe src="' . esc_url( $value ) . '" width="600" height="450" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>
</div>'; </div>';
return $value; return $value;
} }
@@ -199,14 +200,14 @@ function um_profile_field_filter_hook__googlemap( $value, $data ) {
if ( ! $value ) { if ( ! $value ) {
return ''; return '';
} }
$value = 'https://maps.google.it/maps?q=' . urlencode( $value ) . '&output=embed';
$value = '<div class="um-googlemap"> $value = '<div class="um-googlemap">
<iframe width="600" height="450" frameborder="0" style="border:0" src="https://maps.google.it/maps?q=' . urlencode( $value ) . '&output=embed"></iframe> <iframe width="600" height="450" frameborder="0" style="border:0" src="' . esc_url( $value ) . '"></iframe>
</div>'; </div>';
return $value; return $value;
} }
add_filter( 'um_profile_field_filter_hook__googlemap', 'um_profile_field_filter_hook__googlemap', 99, 2 ); add_filter( 'um_profile_field_filter_hook__googlemap', 'um_profile_field_filter_hook__googlemap', 99, 2 );
/** /**
* User's registration date * User's registration date
* *
+1
View File
@@ -171,6 +171,7 @@ IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSI
**Bugfixes** **Bugfixes**
* Fixed: CVE-2025-13217.
* Fixed: CVE-2025-14081. * Fixed: CVE-2025-14081.
* Fixed: CVE-2025-12492. * Fixed: CVE-2025-12492.