diff --git a/give.php b/give.php index a915a3eb07..ea9b49de04 100644 --- a/give.php +++ b/give.php @@ -6,7 +6,7 @@ * Description: The most robust, flexible, and intuitive way to accept donations on WordPress. * Author: GiveWP * Author URI: https://givewp.com/ - * Version: 3.16.3 + * Version: 3.16.4 * Requires at least: 6.4 * Requires PHP: 7.2 * Text Domain: give @@ -407,7 +407,7 @@ private function setup_constants() { // Plugin version. if (!defined('GIVE_VERSION')) { - define('GIVE_VERSION', '3.16.3'); + define('GIVE_VERSION', '3.16.4'); } // Plugin Root File. diff --git a/includes/process-donation.php b/includes/process-donation.php index 41be334326..73059c62be 100644 --- a/includes/process-donation.php +++ b/includes/process-donation.php @@ -418,38 +418,16 @@ function give_donation_form_validate_fields() { /** * Detect serialized fields. * + * @since 3.16.4 updated to check all values for serialized fields * @since 3.16.2 added additional check for stripslashes_deep * @since 3.14.2 add give-form-title, give_title * @since 3.5.0 */ function give_donation_form_has_serialized_fields(array $post_data): bool { - $post_data_keys = [ - 'give-form-id', - 'give-gateway', - 'card_name', - 'card_number', - 'card_cvc', - 'card_exp_month', - 'card_exp_year', - 'card_address', - 'card_address_2', - 'card_city', - 'card_state', - 'billing_country', - 'card_zip', - 'give_email', - 'give_first', - 'give_last', - 'give_user_login', - 'give_user_pass', - 'give-form-title', - 'give_title', - ]; - - foreach ($post_data as $key => $value) { - if ( ! in_array($key, $post_data_keys, true)) { - continue; + foreach ($post_data as $value) { + if (is_serialized(ltrim($value, '\\'))) { + return true; } if (is_serialized(stripslashes_deep($value))) { @@ -1644,6 +1622,7 @@ function give_validate_required_form_fields( $form_id ) { * * @param array $post_data List of post data. * + * @since 3.16.4 Add additional validation for company name field * @since 3.16.3 Add additional validations for name title prefix field * @since 2.1 * @@ -1657,6 +1636,10 @@ function give_donation_form_validate_name_fields( $post_data ) { give_set_error( 'disabled_name_title', esc_html__( 'The name title prefix field is not enabled.', 'give' ) ); } + if (!give_is_company_field_enabled($formId) && isset($post_data['give_company_name'])) { + give_set_error( 'disabled_company', esc_html__( 'The company field is not enabled.', 'give' ) ); + } + if (give_is_name_title_prefix_enabled($formId) && isset($post_data['give_title']) && !in_array($post_data['give_title'], array_values(give_get_name_title_prefixes($formId)))) { give_set_error( 'invalid_name_title', esc_html__( 'The name title prefix field is not valid.', 'give' ) ); } diff --git a/readme.txt b/readme.txt index 46e1c91634..539831690f 100644 --- a/readme.txt +++ b/readme.txt @@ -5,7 +5,7 @@ Tags: donation, donate, recurring donations, fundraising, crowdfunding Requires at least: 6.4 Tested up to: 6.6 Requires PHP: 7.2 -Stable tag: 3.16.3 +Stable tag: 3.16.4 License: GPLv3 License URI: http://www.gnu.org/licenses/gpl-3.0.html @@ -262,6 +262,9 @@ The 2% fee on Stripe donations only applies to donations taken via our free Stri 10. Use almost any payment gateway integration with GiveWP through our add-ons or by creating your own add-on. == Changelog == += 3.16.4: October 10th, 2024 = +* Security: Added additional protection against serialized data in the option-based donation form request (CVE-2024-9634) + = 3.16.3: October 7th, 2024 = * Security: Added additional validation to the donor title field, further protecting the option-based donation form request diff --git a/src/DonorDashboards/resources/js/app/components/mobile-menu/index.js b/src/DonorDashboards/resources/js/app/components/mobile-menu/index.js index 7a17884623..ebe4b5fa2a 100644 --- a/src/DonorDashboards/resources/js/app/components/mobile-menu/index.js +++ b/src/DonorDashboards/resources/js/app/components/mobile-menu/index.js @@ -8,11 +8,11 @@ import './style.scss'; const MobileMenu = ({children}) => { const [isOpen, setIsOpen] = useState(false); - const contentRef = useRef(null); + const toggleRef = useRef(null); useEffect(() => { const handleClick = (evt) => { - if (contentRef.current && !contentRef.current.contains(evt.target)) { + if (toggleRef.current && !toggleRef.current.contains(evt.target)) { setIsOpen(false); } }; @@ -26,7 +26,7 @@ const MobileMenu = ({children}) => { document.removeEventListener('click', handleClick); } }; - }, [isOpen, contentRef]); + }, [isOpen, toggleRef]); const location = useLocation(); const tabsSelector = useSelector((state) => state.tabs); @@ -39,16 +39,19 @@ const MobileMenu = ({children}) => {
{label}
setIsOpen(!isOpen)} + onClick={() => { + setIsOpen(!isOpen); + }} >
{isOpen && ( -
+
{children}
)} diff --git a/tests/includes/legacy/tests-functions.php b/tests/includes/legacy/tests-functions.php index c6162a8cf2..bdcb11a0e7 100644 --- a/tests/includes/legacy/tests-functions.php +++ b/tests/includes/legacy/tests-functions.php @@ -86,4 +86,33 @@ public function test_give_form_get_default_level() { // When passing invalid form id, it should return null. $this->assertEquals( give_form_get_default_level( 123 ), null ); } + + /** + * @since 3.16.4 + * @dataProvider give_donation_form_has_serialized_fields_data + */ + public function test_give_donation_form_has_serialized_fields(array $fields, bool $expected): void + { + if ($expected) { + $this->assertTrue(give_donation_form_has_serialized_fields($fields)); + } else { + $this->assertFalse(give_donation_form_has_serialized_fields($fields)); + } + } + + /** + * @since 3.16.4 + */ + public function give_donation_form_has_serialized_fields_data(): array + { + return [ + [['foo' => serialize('bar')], true], + [['foo' => 'bar', 'baz' => '\\' . serialize('backslash-bypass')], true], + [['foo' => 'bar', 'baz' => '\\\\' . serialize('double-backslash-bypass')], true], + [['foo' => 'bar'], false], + [['foo' => 'bar', 'baz' => serialize('qux')], true], + [['foo' => 'bar', 'baz' => 'qux'], false], + [['foo' => 'bar', 'baz' => 1], false], + ]; + } }