From b87f3f4817245e74cb10d823cac41885095163f4 Mon Sep 17 00:00:00 2001
From: vnmedeiros
Date: Tue, 27 Aug 2024 23:37:42 -0300
Subject: [PATCH 1/3] fix: avoid inject SQL in search
---
 .../class-tainacan-rest-background-processes-controller.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/classes/api/endpoints/class-tainacan-rest-background-processes-controller.php b/src/classes/api/endpoints/class-tainacan-rest-background-processes-controller.php
index e127bb439..7f237fa78 100644
--- a/src/classes/api/endpoints/class-tainacan-rest-background-processes-controller.php
+++ b/src/classes/api/endpoints/class-tainacan-rest-background-processes-controller.php
@@ -192,8 +192,8 @@ class REST_Background_Processes_Controller extends REST_Controller {
 $process_type = '';
 if (isset($request['search'])) {
 $name = $request['search'];
- $process_type = "AND name LIKE '%$name%'";
- $process_type = $wpdb->prepare($process_type);
+ $search_term_like = '%' . $wpdb->esc_like($name) . '%';
+ $process_type = $wpdb->prepare("AND name LIKE %s", $search_term_like);
 }
 $recent_q = '';
From c6b056ae758d415a37b72e06202376ee39880a9f Mon Sep 17 00:00:00 2001
From: vnmedeiros
Date: Wed, 28 Aug 2024 10:16:43 -0300
Subject: [PATCH 2/3] release: update version to 0.21.9
---
 src/readme.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/readme.txt b/src/readme.txt
index d3853b026..091600898 100644
--- a/src/readme.txt
+++ b/src/readme.txt
@@ -4,7 +4,7 @@ Tags: museums, archives, GLAM, collections, repository
 Requires at least: 5.9
 Tested up to: 6.6
 Requires PHP: 7.0
-Stable tag: 0.21.8
+Stable tag: 0.21.9
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-3.0.html
From 905b3aa0e2a234b6b08d6c9cfbcee66823546115 Mon Sep 17 00:00:00 2001
From: vnmedeiros
Date: Wed, 28 Aug 2024 14:50:04 -0300
Subject: [PATCH 3/3] release: update version to 0.21.9
---
 src/tainacan.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
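Review bot: In the `search` branch of class-tainacan-rest-background-processes-controller.php, `$request['search']` goes straight into `$wpdb->esc_like()` with no type check, so a request that supplies `search` as an array rather than a string would hand a non-string to `addcslashes()` and raise a TypeError on PHP 8, unless the route's `args` schema (not visible in this hunk) already restricts it to a string. Guarding the branch with `if (isset($request['search']) && is_string($request['search'])) {` keeps the parameterized LIKE and fails closed on malformed input. The enclosing method starts and ends outside the hunk; `$recent_q` and any other fragments concatenated into the same query there are worth checking for the same placeholder-less `$wpdb->prepare()` call that this commit removes, since `prepare()` without placeholders does no escaping.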
diff --git a/src/tainacan.php b/src/tainacan.php
index 069afad32..acbde7645 100644
--- a/src/tainacan.php
+++ b/src/tainacan.php
@@ -5,17 +5,17 @@ Plugin URI: https://tainacan.org/
 Description: Open source, powerful and flexible repository platform for WordPress. Manage and publish you digital collections as easily as publishing a post to your blog, while having all the tools of a professional repository platform.
 Author: Tainacan.org
 Author URI: https://tainacan.org/
-Version: 0.21.8
+Version: 0.21.9
 Requires at least: 5.9
 Tested up to: 6.6
 Requires PHP: 7.0
-Stable tag: 0.21.8
+Stable tag: 0.21.9
 Text Domain: tainacan
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-3.0.html
 */
-const TAINACAN_VERSION = '0.21.8';
+const TAINACAN_VERSION = '0.21.9';
 defined( 'ABSPATH' ) or die( 'No script kiddies please!' );
 $TAINACAN_BASE_URL = plugins_url('', __FILE__);