From 6e33471c8d5c4f8af94314506126f49b6308d78c Mon Sep 17 00:00:00 2001 From: Mario Shtika Date: Thu, 30 Mar 2023 09:31:16 +0300 Subject: [PATCH] Support quotes and double quotes when resetting password --- inc/AppPresser_WPAPI_Mods.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/inc/AppPresser_WPAPI_Mods.php b/inc/AppPresser_WPAPI_Mods.php index 99a5441..500955d 100644 --- a/inc/AppPresser_WPAPI_Mods.php +++ b/inc/AppPresser_WPAPI_Mods.php @@ -680,11 +680,10 @@ public function get_short_reset_code() { */ public function validate_reset_password( $request ) { - global $wpdb; $return; - $code = $request['code']; - $password = $request['password']; + $code = sanitize_text_field($request['code']); + $password = sanitize_text_field(addslashes($request['password'])); $user = get_users( array( 'meta_key' => 'app_hash', 'meta_value' => $code ) );