Fix XSS Vulnerabilities
alextuan committed Jul 11, 2024
1 parent dba08fc commit abcc161
Showing 5 changed files with 34 additions and 34 deletions.
16 changes: 8 additions & 8 deletions classes/class-wc-predictive-search-backbone.php
Expand Up @@ -152,17 +152,17 @@ public function include_result_shortcode_script() {
$search_other = '';
$cat_in = 'all';

if ( isset( $wp_query->query_vars['keyword'] ) ) $search_keyword = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['keyword'] ) ) );
elseif ( isset( $_REQUEST['rs'] ) && trim( $_REQUEST['rs'] ) != '' ) $search_keyword = wp_unslash( wp_strip_all_tags( $_REQUEST['rs'] ) );
if ( isset( $wp_query->query_vars['keyword'] ) ) $search_keyword = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['keyword'] ) ) );
elseif ( isset( $_REQUEST['rs'] ) && trim( $_REQUEST['rs'] ) != '' ) $search_keyword = sanitize_text_field( wp_unslash( $_REQUEST['rs'] ) );

if ( isset( $wp_query->query_vars['search-in'] ) ) $search_in = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['search-in'] ) ) );
elseif ( isset( $_REQUEST['search_in'] ) && trim( $_REQUEST['search_in'] ) != '' ) $search_in = wp_unslash( wp_strip_all_tags( $_REQUEST['search_in'] ) );
if ( isset( $wp_query->query_vars['search-in'] ) ) $search_in = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['search-in'] ) ) );
elseif ( isset( $_REQUEST['search_in'] ) && trim( $_REQUEST['search_in'] ) != '' ) $search_in = sanitize_text_field( wp_unslash( $_REQUEST['search_in'] ) );

if ( isset( $wp_query->query_vars['search-other'] ) ) $search_other = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['search-other'] ) ) );
elseif ( isset( $_REQUEST['search_other'] ) && trim( $_REQUEST['search_other'] ) != '' ) $search_other = wp_unslash( wp_strip_all_tags( $_REQUEST['search_other'] ) );
if ( isset( $wp_query->query_vars['search-other'] ) ) $search_other = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['search-other'] ) ) );
elseif ( isset( $_REQUEST['search_other'] ) && trim( $_REQUEST['search_other'] ) != '' ) $search_other = sanitize_text_field( wp_unslash( $_REQUEST['search_other'] ) );

if ( isset( $wp_query->query_vars['cat-in'] ) ) $cat_in = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['cat-in'] ) ) );
elseif ( isset( $_REQUEST['cat_in'] ) && trim( $_REQUEST['cat_in'] ) != '' ) $cat_in = wp_unslash( wp_strip_all_tags( $_REQUEST['cat_in'] ) );
if ( isset( $wp_query->query_vars['cat-in'] ) ) $cat_in = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['cat-in'] ) ) );
elseif ( isset( $_REQUEST['cat_in'] ) && trim( $_REQUEST['cat_in'] ) != '' ) $cat_in = sanitize_text_field( wp_unslash( $_REQUEST['cat_in'] ) );

$permalink_structure = get_option( 'permalink_structure' );

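Review bot: In the new query-var branches (the `keyword`, `search-in`, `search-other` and `cat-in` lines) `urldecode()` is applied to the result of `sanitize_text_field()`, so the string the rest of the function works with is the decoded, post-sanitisation value rather than the sanitised one. In practice `sanitize_text_field()` strips `%xx` octets, so decoding afterwards cannot reintroduce a tag, but it silently mangles any legitimate term that contains a percent-encoded character and it reads as though the sanitiser is the last step when it is not. Reversing the order, e.g. `$search_keyword = sanitize_text_field( urldecode( wp_unslash( $wp_query->query_vars['keyword'] ) ) );`, sanitises the final form; the `$_REQUEST` branches already have that shape. Keep in mind that `sanitize_text_field()` does not encode quotes, so wherever these values are echoed into an attribute or inline script later in `include_result_shortcode_script()` they still need `esc_attr()`/`esc_js()`/`wp_json_encode()` at the output point. The function's body continues beyond this hunk.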
2 changes: 1 addition & 1 deletion classes/class-wc-predictive-search-functions.php
Expand Up @@ -518,7 +518,7 @@ public static function get_product_addtocart( $product, $in_results_page = true
}
$product_addtocart_output = ob_get_clean();

return $product_addtocart_output;
return apply_filters( 'wc_ps_addtocart', $product_addtocart_output, $product, $in_results_page );
}

/**
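Review bot: The new `wc_ps_addtocart` filter hands third-party callbacks the finished add-to-cart markup and whatever they return is emitted as trusted HTML, so that contract should be stated where the hook is fired. WordPress convention is a docblock directly above the `return apply_filters(...)` line that names the filter, says callbacks must return already-escaped markup, and lists the three arguments with `@param` tags; I am inferring the `$product` type from its name, so use whatever `get_product_addtocart()` actually receives. Any consumer that later prints this string should not re-escape it, which is another reason to spell the contract out here. The method's signature and the start of its body are outside this hunk.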
20 changes: 10 additions & 10 deletions classes/class-wc-predictive-search-shortcodes.php
Expand Up @@ -323,8 +323,8 @@ public static function parse_shortcode_search_result($attributes) {
global $wp_query;

$search_keyword = '';
if (isset($wp_query->query_vars['keyword'])) $search_keyword = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['keyword'] ) ) );
else if (isset($_REQUEST['rs']) && trim($_REQUEST['rs']) != '') $search_keyword = wp_unslash( wp_strip_all_tags( $_REQUEST['rs'] ) );
if (isset($wp_query->query_vars['keyword'])) $search_keyword = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['keyword'] ) ) );
else if (isset($_REQUEST['rs']) && trim($_REQUEST['rs']) != '') $search_keyword = sanitize_text_field( wp_unslash( $_REQUEST['rs'] ) );

$search_results .= self::display_search();
return $search_results;
Expand All @@ -341,17 +341,17 @@ public static function display_search() {
$search_other = '';
$cat_in = 'all';

if (isset($wp_query->query_vars['keyword'])) $search_keyword = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['keyword'] ) ) );
else if (isset($_REQUEST['rs']) && trim($_REQUEST['rs']) != '') $search_keyword = wp_unslash( wp_strip_all_tags( $_REQUEST['rs'] ) );
if (isset($wp_query->query_vars['keyword'])) $search_keyword = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['keyword'] ) ) );
else if (isset($_REQUEST['rs']) && trim($_REQUEST['rs']) != '') $search_keyword = sanitize_text_field( wp_unslash( $_REQUEST['rs'] ) );

if (isset($wp_query->query_vars['cat-in'])) $cat_in = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['cat-in'] ) ) );
else if (isset($_REQUEST['cat_in']) && trim($_REQUEST['cat_in']) != '') $cat_in = wp_unslash( wp_strip_all_tags( $_REQUEST['cat_in'] ) );
if (isset($wp_query->query_vars['cat-in'])) $cat_in = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['cat-in'] ) ) );
else if (isset($_REQUEST['cat_in']) && trim($_REQUEST['cat_in']) != '') $cat_in = sanitize_text_field( wp_unslash( $_REQUEST['cat_in'] ) );

if (isset($wp_query->query_vars['search-in'])) $search_in = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['search-in'] ) ) );
else if (isset($_REQUEST['search_in']) && trim($_REQUEST['search_in']) != '') $search_in = wp_unslash( wp_strip_all_tags( $_REQUEST['search_in'] ) );
if (isset($wp_query->query_vars['search-in'])) $search_in = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['search-in'] ) ) );
else if (isset($_REQUEST['search_in']) && trim($_REQUEST['search_in']) != '') $search_in = sanitize_text_field( wp_unslash( $_REQUEST['search_in'] ) );

if (isset($wp_query->query_vars['search-other'])) $search_other = wp_unslash( wp_strip_all_tags( urldecode( $wp_query->query_vars['search-other'] ) ) );
else if (isset($_REQUEST['search_other']) && trim($_REQUEST['search_other']) != '') $search_other = wp_unslash( wp_strip_all_tags( $_REQUEST['search_other'] ) );
if (isset($wp_query->query_vars['search-other'])) $search_other = urldecode( sanitize_text_field( wp_unslash( $wp_query->query_vars['search-other'] ) ) );
else if (isset($_REQUEST['search_other']) && trim($_REQUEST['search_other']) != '') $search_other = sanitize_text_field( wp_unslash( $_REQUEST['search_other'] ) );

$permalink_structure = get_option( 'permalink_structure' );

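Review bot: The `$_REQUEST` branches in both hunks still call `trim()` on the raw parameter before anything checks its type, so a request such as `?rs[]=x` reaches `trim()` with an array and, on PHP 8, aborts with a TypeError before `sanitize_text_field()` gets the chance to return `''` for it. The same eight lines are now copied between `display_search()` here and `include_result_shortcode_script()` in the backbone class, which is how the next sanitisation fix ends up landing in one place and not the other; a small static helper that guards the type, decodes before sanitising and is shared by both callers removes the duplication. In `parse_shortcode_search_result()` the freshly sanitised `$search_keyword` is not used in the visible lines because `display_search()` recomputes it, so that assignment looks dead unless something outside the hunk reads it. `display_search()` continues beyond this hunk.
```php
/**
 * Read one search parameter, preferring the rewrite query var over the request.
 * Decodes before sanitising so the value returned is the sanitised form.
 *
 * @param string $query_var   Key in $wp_query->query_vars.
 * @param string $request_key Key in $_REQUEST.
 * @param string $default     Value when neither source is set.
 * @return string
 */
public static function get_search_param( $query_var, $request_key, $default = '' ) {
    global $wp_query;
    if ( isset( $wp_query->query_vars[ $query_var ] ) && is_string( $wp_query->query_vars[ $query_var ] ) ) {
        return sanitize_text_field( urldecode( wp_unslash( $wp_query->query_vars[ $query_var ] ) ) );
    }
    if ( isset( $_REQUEST[ $request_key ] ) && is_string( $_REQUEST[ $request_key ] ) && trim( $_REQUEST[ $request_key ] ) != '' ) {
        return sanitize_text_field( wp_unslash( $_REQUEST[ $request_key ] ) );
    }
    return $default;
}

// … unchanged: display_search() up to the defaults …
$search_keyword = self::get_search_param( 'keyword', 'rs' );
$cat_in         = self::get_search_param( 'cat-in', 'cat_in', 'all' );
$search_in      = self::get_search_param( 'search-in', 'search_in' );
$search_other   = self::get_search_param( 'search-other', 'search_other' );
```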
28 changes: 14 additions & 14 deletions includes/class-legacy-api.php
Expand Up @@ -74,21 +74,21 @@ public function get_result_popup() {
$search_in_default[$key] = $data['number'];
}
}
if ( isset($_REQUEST['row']) && $_REQUEST['row'] > 0) $row = wp_unslash( wp_strip_all_tags( $_REQUEST['row'] ) );
if ( isset($_REQUEST['text_lenght']) && $_REQUEST['text_lenght'] >= 0) $text_lenght = wp_unslash( wp_strip_all_tags( $_REQUEST['text_lenght'] ) );
if ( isset($_REQUEST['show_price']) && trim($_REQUEST['show_price']) != '') $show_price = wp_unslash( wp_strip_all_tags( $_REQUEST['show_price'] ) );
if ( isset($_REQUEST['row']) && $_REQUEST['row'] > 0) $row = sanitize_text_field( wp_unslash( $_REQUEST['row'] ) );
if ( isset($_REQUEST['text_lenght']) && $_REQUEST['text_lenght'] >= 0) $text_lenght = sanitize_text_field( wp_unslash( $_REQUEST['text_lenght'] ) );
if ( isset($_REQUEST['show_price']) && trim($_REQUEST['show_price']) != '') $show_price = sanitize_text_field( wp_unslash( $_REQUEST['show_price'] ) );
if ( $show_price == 1 ) $show_price = true; else $show_price = false;
if ( isset($_REQUEST['show_addtocart']) && trim($_REQUEST['show_addtocart']) != '') $show_addtocart = wp_unslash( wp_strip_all_tags( $_REQUEST['show_addtocart'] ) );
if ( isset($_REQUEST['show_addtocart']) && trim($_REQUEST['show_addtocart']) != '') $show_addtocart = sanitize_text_field( wp_unslash( $_REQUEST['show_addtocart'] ) );
if ( $show_addtocart == 1 ) $show_addtocart = true; else $show_addtocart = false;
if ( isset($_REQUEST['show_in_cat']) && trim($_REQUEST['show_in_cat']) != '') $show_in_cat = wp_unslash( wp_strip_all_tags( $_REQUEST['show_in_cat'] ) );
if ( isset($_REQUEST['show_in_cat']) && trim($_REQUEST['show_in_cat']) != '') $show_in_cat = sanitize_text_field( wp_unslash( $_REQUEST['show_in_cat'] ) );
if ( $show_in_cat == 1 ) $show_in_cat = true; else $show_in_cat = false;
if ( isset($_REQUEST['q']) && trim($_REQUEST['q']) != '') $search_keyword = wp_unslash( wp_strip_all_tags( $_REQUEST['q'] ) );
if ( isset($_REQUEST['cat_in']) && trim($_REQUEST['cat_in']) != '') $cat_in = wp_unslash( wp_strip_all_tags( $_REQUEST['cat_in'] ) );
if ( isset($_REQUEST['search_in']) && trim($_REQUEST['search_in']) != '') $search_in = json_decode( wp_unslash( wp_strip_all_tags( $_REQUEST['search_in'] ) ), true );
if ( isset($_REQUEST['q']) && trim($_REQUEST['q']) != '') $search_keyword = sanitize_text_field( wp_unslash( $_REQUEST['q'] ) );
if ( isset($_REQUEST['cat_in']) && trim($_REQUEST['cat_in']) != '') $cat_in = sanitize_text_field( wp_unslash( $_REQUEST['cat_in'] ) );
if ( isset($_REQUEST['search_in']) && trim($_REQUEST['search_in']) != '') $search_in = json_decode( sanitize_text_field( wp_unslash( $_REQUEST['search_in'] ) ), true );
if ( ! is_array($search_in) || count($search_in) < 1 || array_sum($search_in) < 1) $search_in = $search_in_default;
if ( isset($_REQUEST['widget_template']) && trim($_REQUEST['widget_template']) != '' ) $widget_template = wp_unslash( wp_strip_all_tags( $_REQUEST['widget_template'] ) );
if ( isset($_REQUEST['widget_template']) && trim($_REQUEST['widget_template']) != '' ) $widget_template = sanitize_key( wp_unslash( $_REQUEST['widget_template'] ) );

if ( isset($_REQUEST['last_search_term']) && trim($_REQUEST['last_search_term']) != '') $last_found_search_term = wp_unslash( wp_strip_all_tags( $_REQUEST['last_search_term'] ) );
if ( isset($_REQUEST['last_search_term']) && trim($_REQUEST['last_search_term']) != '') $last_found_search_term = sanitize_text_field( wp_unslash( $_REQUEST['last_search_term'] ) );

if ( $search_keyword != '' ) {
$search_list = array();
Expand Down Expand Up @@ -220,10 +220,10 @@ public function get_all_results() {

if ( get_option('woocommerce_search_result_items') > 0 ) $row = get_option('woocommerce_search_result_items');

if ( isset( $_REQUEST['psp'] ) && $_REQUEST['psp'] > 0 ) $psp = wp_unslash( wp_strip_all_tags( $_REQUEST['psp'] ) );
if ( isset( $_REQUEST['q'] ) && trim( $_REQUEST['q'] ) != '' ) $search_keyword = wp_unslash( wp_strip_all_tags( $_REQUEST['q'] ) );
if ( isset( $_REQUEST['cat_in'] ) && trim( $_REQUEST['cat_in'] ) != '' ) $cat_in = wp_unslash( wp_strip_all_tags( $_REQUEST['cat_in'] ) );
if ( isset( $_REQUEST['search_in'] ) && trim( $_REQUEST['search_in'] ) != '' ) $search_in = wp_unslash( wp_strip_all_tags( $_REQUEST['search_in'] ) );
if ( isset( $_REQUEST['psp'] ) && $_REQUEST['psp'] > 0 ) $psp = sanitize_text_field( wp_unslash( $_REQUEST['psp'] ) );
if ( isset( $_REQUEST['q'] ) && trim( $_REQUEST['q'] ) != '' ) $search_keyword = sanitize_text_field( wp_unslash( $_REQUEST['q'] ) );
if ( isset( $_REQUEST['cat_in'] ) && trim( $_REQUEST['cat_in'] ) != '' ) $cat_in = sanitize_text_field( wp_unslash( $_REQUEST['cat_in'] ) );
if ( isset( $_REQUEST['search_in'] ) && trim( $_REQUEST['search_in'] ) != '' ) $search_in = sanitize_text_field( wp_unslash( $_REQUEST['search_in'] ) );

$item_list = array( 'total' => 0, 'items' => array() );

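Review bot: `$row`, `$text_lenght` and, in the second hunk, `$psp` are numeric parameters but are now passed through `sanitize_text_field()`, which still hands back an arbitrary string; `absint()` pins the type so whatever arithmetic or query they feed later is safe by construction. More importantly the `search_in` array produced by `json_decode()` is only checked with `is_array()`/`array_sum()`, so its keys and values reach the rest of `get_result_popup()` unvalidated even though the permitted keys are exactly those built into `$search_in_default` just above; restricting it with `array_intersect_key()` against that default and casting the values with `absint()` closes that gap. Sanitising the JSON text before decoding is a weaker control than validating the decoded structure, so keep it only as belt-and-braces. `get_result_popup()` and `get_all_results()` both extend beyond their hunks.
```php
if ( isset( $_REQUEST['row'] ) && $_REQUEST['row'] > 0 ) $row = absint( wp_unslash( $_REQUEST['row'] ) );
if ( isset( $_REQUEST['text_lenght'] ) && $_REQUEST['text_lenght'] >= 0 ) $text_lenght = absint( wp_unslash( $_REQUEST['text_lenght'] ) );
// … unchanged: show_price / show_addtocart / show_in_cat / q / cat_in …
if ( isset( $_REQUEST['search_in'] ) && trim( $_REQUEST['search_in'] ) != '' ) {
    $search_in = json_decode( sanitize_text_field( wp_unslash( $_REQUEST['search_in'] ) ), true );
    // Only the keys present in $search_in_default are meaningful; drop anything else and force integer counts.
    $search_in = is_array( $search_in ) ? array_map( 'absint', array_intersect_key( $search_in, $search_in_default ) ) : array();
}
if ( ! is_array( $search_in ) || count( $search_in ) < 1 || array_sum( $search_in ) < 1 ) $search_in = $search_in_default;
```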
2 changes: 1 addition & 1 deletion includes/class-wc-predictive-search.php
Expand Up @@ -265,7 +265,7 @@ public function get_product_results( $search_keyword, $row, $start = 0, $woocomm
if ( trim( $product_description ) == '' ) $product_description = Functions::woops_limit_words( strip_tags( Functions::strip_shortcodes( strip_shortcodes( $post->post_excerpt ) ) ), $text_lenght, '...' );

$availability = $product->get_availability();
$availability_html = empty( $availability['availability'] ) ? '' : '<span class="stock ' . esc_attr( $availability['class'] ) . '">' . esc_html( $availability['availability'] ) . '</span>';
$availability_html = empty( $availability['availability'] ) ? '' : '<span class="stock ' . esc_attr( $availability['class'] ) . '">' . wp_kses_post( $availability['availability'] ) . '</span>';

$item_data = array(
'title' => $current_product->post_title,
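Review bot: Replacing `esc_html()` with `wp_kses_post()` on `$availability['availability']` loosens the escaping in a commit titled "Fix XSS Vulnerabilities": `wp_kses_post()` admits the full post-content tag set (links, images, inline styles), so any HTML that reaches the availability text through WooCommerce filters or product data is now rendered inside search results instead of being neutralised. If the intent is to let the stock text carry simple inline markup, an explicit allow-list is the safer tool, e.g. `wp_kses( $availability['availability'], array( 'span' => array( 'class' => true ), 'strong' => array(), 'em' => array() ) )`, and a one-line comment on that line saying why `esc_html()` was dropped would stop the next reviewer from reverting it. I cannot see how `$item_data` is serialised to the client, so whether the JS side inserts this value as HTML is inferred. `get_product_results()` continues outside this hunk.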
