v. 4.44.4

* Correção: melhoria na segurança. Um administrador poderia modificar algumas queries de forma arbitrária. CVE-2025-10142
Merge branch 'release/4.44.4'

Author: r-martins

composer.json

@@ -2,7 +2,7 @@
     "name": "ricardomartins/pagbank-woocommerce",
     "description": "Integração PagBank (PagSeguro) WooCommerce com desconto nas taxas oficiais",
     "type": "wordpress-plugin",
-    "version": "4.44.3",
+    "version": "4.44.4",
     "license": "GPL-3.0",
     "autoload": {
         "psr-4": {

readme.txt

@@ -5,7 +5,7 @@ Donate link: https://github.com/sponsors/r-martins
 Requires at least: 4.0
 Tested up to: 6.8
 Requires PHP: 7.4
-Stable tag: 4.44.3
+Stable tag: 4.44.4
 License: GPLv3
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
 PagBank com PIX, Cartão de Crédito, Boleto, Recorrência + Envio Fácil e com Menos Taxas no PagSeguro.
@@ -211,6 +211,9 @@ Você deve fazer isso através de Pull Requests ao [repositório oficial no gith
 
 == Changelog ==
 
+= 4.44.4 =
+* Correção: melhoria na segurança. Um administrador poderia modificar algumas queries de forma arbitrária. CVE-2025-10142
+
 = 4.44.3 =
 * Compliance: adicionado Plugin URI nos headers do plugin e atualização de screenshots.
 

rm-pagbank.php

@@ -11,7 +11,7 @@
  * Plugin Name:       PagBank Connect
  * Plugin URI:        https://pbintegracoes.com
  * Description:       Integra seu WooCommerce com as APIs PagSeguro v4 através da aplicação de Ricardo Martins (com descontos nas taxas oficiais), com suporte a PIX transparente e muito mais.
- * Version:           4.44.3
+ * Version:           4.44.4
  * Requires at least: 5.2
  * Tested up to:      6.8
  * Requires PHP:      7.4
@@ -33,7 +33,7 @@
 defined( 'ABSPATH' ) || die( 'No direct script access allowed!' );
 
 // Plugin constants.
-define( 'WC_PAGSEGURO_CONNECT_VERSION', '4.44.3' );
+define( 'WC_PAGSEGURO_CONNECT_VERSION', '4.44.4' );
 define( 'WC_PAGSEGURO_CONNECT_PLUGIN_FILE', __FILE__ );
 define( 'WC_PAGSEGURO_CONNECT_BASE_DIR', __DIR__ );
 define( 'WC_PAGSEGURO_CONNECT_TEMPLATES_DIR', WC_PAGSEGURO_CONNECT_BASE_DIR . '/src/templates/' );

src/Connect/Recurring/Admin/Subscriptions/SubscriptionList.php

@@ -90,14 +90,15 @@ public function prepare_items()
         $orderby = wp_unslash($orderby);
         $order = (isset($_GET['order']) && in_array($_GET['order'], array('asc', 'desc'))) ? $_GET['order'] : 'desc'; //phpcs:ignore WordPress.Security.NonceVerification
 
+        global $wpdb;
         $where = "1=1";
         if (!empty($_REQUEST['status'])) {
             $status = sanitize_text_field(wp_unslash($_REQUEST['status']));
-            $where .= " AND status = '$status'";
+            $where .= $wpdb->prepare(" AND status = %s", $status);
         }
         if (!empty($_REQUEST['order_id'])) {
             $order_id = intval($_REQUEST['order_id']);
-            $where .= " AND initial_order_id = $order_id";
+            $where .= $wpdb->prepare(" AND initial_order_id = %d", $order_id);
         }
 
 

src/Connect/Recurring/RecurringDashboard.php

@@ -28,18 +28,26 @@ public function getMySubscriptions(): array
             return $order->get_id();
         }, $orders);
 
-        $ids_string_placeholders = implode(', ', array_fill(0, count($ids), '%d'));
-        
         global $wpdb;
-        //select from pagbank_recurring where initial order is one of those
+        
+        // If no orders, return empty array
+        if (empty($ids)) {
+            return [];
+        }
+        
+        // Create placeholders for each ID
+        $placeholders = array_fill(0, count($ids), '%d');
+        $format = implode(',', $placeholders);
+        
+        // Prepare and execute the query safely
         $table = $wpdb->prefix . 'pagbank_recurring';
-        $subscriptions = $wpdb->get_results(
-            $wpdb->prepare(
-                "SELECT * FROM `$table` WHERE initial_order_id IN ( $ids_string_placeholders ) ORDER BY id DESC",
-                $ids
-            )
+        $query = $wpdb->prepare(
+            "SELECT * FROM `$table` WHERE initial_order_id IN ($format) ORDER BY id DESC",
+            $ids
         );
 
+        $subscriptions = $wpdb->get_results($query);
+        
         if ( ! empty($subscriptions))
         {
             return $subscriptions;