chore: prepare for release

Jon Waldstein · Jon Waldstein · commit 3b44dd149bd7 · 2025-10-02T10:36:33.000-04:00
diff --git a/give.php b/give.php
@@ -6,7 +6,7 @@
  * Description: The most robust, flexible, and intuitive way to accept donations on WordPress.
  * Author: GiveWP
  * Author URI: https://givewp.com/
- * Version: 4.10.0
+ * Version: 4.10.1
  * Requires at least: 6.6
  * Requires PHP: 7.4
  * Text Domain: give
@@ -425,7 +425,7 @@ private function setup_constants()
     {
         // Plugin version.
         if (!defined('GIVE_VERSION')) {
-            define('GIVE_VERSION', '4.10.0');
+            define('GIVE_VERSION', '4.10.1');
         }
 
         // Plugin Root File.
diff --git a/readme.txt b/readme.txt
@@ -5,7 +5,7 @@ Tags: donation, donate, recurring donations, fundraising, crowdfunding
 Requires at least: 6.6
 Tested up to: 6.8
 Requires PHP: 7.4
-Stable tag: 4.10.0
+Stable tag: 4.10.1
 License: GPLv3
 License URI: http://www.gnu.org/licenses/gpl-3.0.html
 
@@ -273,6 +273,9 @@ You can report security bugs through the Patchstack Vulnerability Disclosure Pro
 
 == Changelog ==
 
+= 4.10.1: October 2nd, 2025 =
+* Security: Improved REST endpoint permissions for campaigns and forms (CVE-2025-11227, CVE-2025-11228)
+
 = 4.10.0: October 1st, 2025 =
 * New: The admin list tables have been upgraded to a new design with various enhancements!
 * New: The admin donations list table now displays quick stats
diff --git a/src/API/REST/V3/Routes/Campaigns/Permissions/CampaignPermissions.php b/src/API/REST/V3/Routes/Campaigns/Permissions/CampaignPermissions.php
@@ -7,34 +7,34 @@
 use WP_REST_Request;
 
 /**
- * @unreleased
+ * @since 4.10.1
  */
 class CampaignPermissions
 {
     /**
      * Check if current user can edit campaigns.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public static function canEdit(): bool
     {
-        return current_user_can('manage_options') || 
+        return current_user_can('manage_options') ||
                current_user_can('edit_give_forms');
     }
 
     /**
      * Check if current user can view private/draft/archived campaigns.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public static function canViewPrivate(): bool
     {
-        return current_user_can('manage_options') || 
+        return current_user_can('manage_options') ||
                current_user_can('edit_give_forms');
     }
 
     /**
-     * @unreleased
+     * @since 4.10.1
      */
     public static function authorizationStatusCode(): int
     {
@@ -44,7 +44,7 @@ public static function authorizationStatusCode(): int
     /**
      * Validate campaign access permissions for GET items (collections).
      *
-     * @unreleased
+     * @since 4.10.1
      *
      * @param WP_REST_Request $request
      *
@@ -53,7 +53,7 @@ public static function authorizationStatusCode(): int
     public static function validationForGetItems(WP_REST_Request $request)
     {
         $status = $request->get_param('status');
-        
+
         // If no status is specified, allow access (defaults to active campaigns)
         if (empty($status)) {
             return true;
@@ -83,7 +83,7 @@ public static function validationForGetItems(WP_REST_Request $request)
     /**
      * Validate campaign access permissions for individual campaign GET method.
      *
-     * @unreleased
+     * @since 4.10.1
      *
      * @param WP_REST_Request $request
      *
diff --git a/src/API/REST/V3/Routes/Campaigns/RegisterCampaignRoutes.php b/src/API/REST/V3/Routes/Campaigns/RegisterCampaignRoutes.php
@@ -44,7 +44,7 @@ public function __invoke()
     /**
      * Get Campaign route
      *
-     * @unreleased Changed permission callback to use validationForGetItem method
+     * @since 4.10.1 Changed permission callback to use validationForGetItem method
      * @since 4.9.0 Add missing schema key to the route level
      * @since 4.0.0
      */
@@ -77,7 +77,7 @@ public function registerGetCampaign()
     /**
      * Get Campaigns route
      *
-     * @unreleased Changed permission callback to use validationForGetItems method
+     * @since 4.10.1 Changed permission callback to use validationForGetItems method
      * @since 4.0.0
      */
     public function registerGetCampaigns()
diff --git a/src/Campaigns/Controllers/CampaignRequestController.php b/src/Campaigns/Controllers/CampaignRequestController.php
@@ -28,7 +28,7 @@
 class CampaignRequestController
 {
     /**
-     * @unreleased Added status check to ensure non-authorized users can only access active campaigns
+     * @since 4.10.1 Added status check to ensure non-authorized users can only access active campaigns
      * @since 4.0.0
      *
      * @return WP_Error | WP_REST_Response
diff --git a/src/DonationForms/Controllers/DonationFormsRequestController.php b/src/DonationForms/Controllers/DonationFormsRequestController.php
@@ -20,7 +20,7 @@
 class DonationFormsRequestController
 {
     /**
-     * @unreleased Added status check to ensure non-authorized users can only access published forms
+     * @since 4.10.1 Added status check to ensure non-authorized users can only access published forms
      * @since 4.2.0
      */
     public function getForm(WP_REST_Request $request)
diff --git a/src/DonationForms/Routes/DonationFormsEntityRoute.php b/src/DonationForms/Routes/DonationFormsEntityRoute.php
@@ -37,7 +37,7 @@ public function __invoke()
     /**
      * Get Form route
      *
-     * @unreleased Changed permission callback to use validationForGetItem method
+     * @since 4.10.1 Changed permission callback to use validationForGetItem method
      * @since 4.2.0
      */
     public function registerGetForm()
@@ -68,7 +68,7 @@ public function registerGetForm()
     /**
      * Get Forms route
      *
-     * @unreleased Changed permission callback to use validationForGetItems method
+     * @since 4.10.1 Changed permission callback to use validationForGetItems method
      * @since 4.2.0
      */
     public function registerGetForms()
@@ -119,7 +119,7 @@ public function registerGetForms()
     /**
      * Associate donation forms with campaign
      *
-     * @unreleased Changed permission callback to use validationForAssociateForms method
+     * @since 4.10.1 Changed permission callback to use validationForAssociateForms method
      * @since 4.2.0
      */
     public function registerAssociateFormsWithCampaign()
diff --git a/src/DonationForms/Routes/Permissions/DonationFormPermissions.php b/src/DonationForms/Routes/Permissions/DonationFormPermissions.php
@@ -7,34 +7,34 @@
 use WP_REST_Request;
 
 /**
- * @unreleased
+ * @since 4.10.1
  */
 class DonationFormPermissions
 {
     /**
      * Check if current user can edit donation forms.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public static function canEdit(): bool
     {
-        return current_user_can('manage_options') || 
+        return current_user_can('manage_options') ||
                current_user_can('edit_give_forms');
     }
 
     /**
      * Check if current user can view private/draft donation forms.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public static function canViewPrivate(): bool
     {
-        return current_user_can('manage_options') || 
+        return current_user_can('manage_options') ||
                current_user_can('edit_give_forms');
     }
 
     /**
-     * @unreleased
+     * @since 4.10.1
      */
     public static function authorizationStatusCode(): int
     {
@@ -44,7 +44,7 @@ public static function authorizationStatusCode(): int
     /**
      * Validate donation form access permissions for GET items (collections).
      *
-     * @unreleased
+     * @since 4.10.1
      *
      * @param WP_REST_Request $request
      *
@@ -53,7 +53,7 @@ public static function authorizationStatusCode(): int
     public static function validationForGetItems(WP_REST_Request $request)
     {
         $status = $request->get_param('status');
-        
+
         // If no status is specified, allow access (defaults to published forms)
         if (empty($status)) {
             return true;
@@ -83,7 +83,7 @@ public static function validationForGetItems(WP_REST_Request $request)
     /**
      * Validate donation form access permissions for individual form GET method.
      *
-     * @unreleased
+     * @since 4.10.1
      *
      * @param WP_REST_Request $request
      *
@@ -99,7 +99,7 @@ public static function validationForGetItem(WP_REST_Request $request)
     /**
      * Validate donation form access permissions for associate forms with campaign.
      *
-     * @unreleased
+     * @since 4.10.1
      *
      * @param WP_REST_Request $request
      *
diff --git a/tests/Unit/API/REST/V3/Routes/Campaigns/CampaignRouteGetItemTest.php b/tests/Unit/API/REST/V3/Routes/Campaigns/CampaignRouteGetItemTest.php
@@ -11,7 +11,7 @@
 use WP_REST_Server;
 
 /**
- * @unreleased
+ * @since 4.10.1
  */
 class CampaignRouteGetItemTest extends RestApiTestCase
 {
@@ -21,7 +21,7 @@ class CampaignRouteGetItemTest extends RestApiTestCase
     /**
      * Test that unauthenticated users cannot access individual non-active campaign via GET /campaigns/{id}.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserCannotAccessNonActiveCampaign()
     {
@@ -38,7 +38,7 @@ public function testUnauthenticatedUserCannotAccessNonActiveCampaign()
     /**
      * Test that unauthenticated users can access individual active campaign via GET /campaigns/{id}.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserCanAccessActiveCampaign()
     {
@@ -55,7 +55,7 @@ public function testUnauthenticatedUserCanAccessActiveCampaign()
     /**
      * Test that admin users can access individual non-active campaign via GET /campaigns/{id}.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testAdminUserCanAccessNonActiveCampaign()
     {
@@ -72,7 +72,7 @@ public function testAdminUserCanAccessNonActiveCampaign()
     /**
      * Test that admin users can access individual archived campaign via GET /campaigns/{id}.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testAdminUserCanAccessArchivedCampaign()
     {
@@ -89,7 +89,7 @@ public function testAdminUserCanAccessArchivedCampaign()
     /**
      * Test that unauthenticated users get 404 for non-existent campaign.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserGets404ForNonExistentCampaign()
     {
diff --git a/tests/Unit/API/REST/V3/Routes/Campaigns/CampaignRouteGetItemsTest.php b/tests/Unit/API/REST/V3/Routes/Campaigns/CampaignRouteGetItemsTest.php
@@ -11,7 +11,7 @@
 use WP_REST_Server;
 
 /**
- * @unreleased
+ * @since 4.10.1
  */
 class CampaignRouteGetItemsTest extends RestApiTestCase
 {
@@ -21,7 +21,7 @@ class CampaignRouteGetItemsTest extends RestApiTestCase
     /**
      * Test that unauthenticated users cannot access non-active campaigns via GET /campaigns.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserCannotAccessNonActiveCampaigns()
     {
@@ -42,7 +42,7 @@ public function testUnauthenticatedUserCannotAccessNonActiveCampaigns()
     /**
      * Test that unauthenticated users can access active campaigns via GET /campaigns.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserCanAccessActiveCampaigns()
     {
@@ -60,7 +60,7 @@ public function testUnauthenticatedUserCanAccessActiveCampaigns()
     /**
      * Test that unauthenticated users can access campaigns without status filter via GET /campaigns.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserCanAccessCampaignsWithoutStatusFilter()
     {
@@ -77,7 +77,7 @@ public function testUnauthenticatedUserCanAccessCampaignsWithoutStatusFilter()
     /**
      * Test that admin users can access all campaign statuses via GET /campaigns.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testAdminUserCanAccessAllCampaignStatuses()
     {
@@ -97,7 +97,7 @@ public function testAdminUserCanAccessAllCampaignStatuses()
     /**
      * Test that mixed status requests are blocked for unauthenticated users.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserCannotAccessMixedStatusRequests()
     {
diff --git a/tests/Unit/DonationForms/Routes/DonationFormRouteAssociateWithCampaignTest.php b/tests/Unit/DonationForms/Routes/DonationFormRouteAssociateWithCampaignTest.php
@@ -9,7 +9,7 @@
 use WP_REST_Server;
 
 /**
- * @unreleased
+ * @since 4.10.1
  */
 class DonationFormRouteAssociateWithCampaignTest extends RestApiTestCase
 {
@@ -19,7 +19,7 @@ class DonationFormRouteAssociateWithCampaignTest extends RestApiTestCase
     /**
      * Test that unauthenticated users cannot associate forms with campaigns via POST /forms/associate-with-campaign.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testUnauthenticatedUserCannotAssociateFormsWithCampaign()
     {
@@ -38,7 +38,7 @@ public function testUnauthenticatedUserCannotAssociateFormsWithCampaign()
     /**
      * Test that admin users can associate forms with campaigns via POST /forms/associate-with-campaign.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testAdminUserCanAssociateFormsWithCampaign()
     {
@@ -60,7 +60,7 @@ public function testAdminUserCanAssociateFormsWithCampaign()
     /**
      * Test that non-admin users cannot associate forms with campaigns via POST /forms/associate-with-campaign.
      *
-     * @unreleased
+     * @since 4.10.1
      */
     public function testNonAdminUserCannotAssociateFormsWithCampaign()
     {
diff --git a/tests/Unit/DonationForms/Routes/DonationFormRouteGetItemTest.php b/tests/Unit/DonationForms/Routes/DonationFormRouteGetItemTest.php
diff --git a/tests/Unit/DonationForms/Routes/DonationFormRouteGetItemsTest.php b/tests/Unit/DonationForms/Routes/DonationFormRouteGetItemsTest.php

Original file line number	Diff line number	Diff line change
`@@ -7,34 +7,34 @@`
`7`	`7`	`use WP_REST_Request;`
`8`	`8`
`9`	`9`	`/**`
`10`		`- * @unreleased`
	`10`	`+ * @since 4.10.1`
`11`	`11`	`*/`
`12`	`12`	`class CampaignPermissions`
`13`	`13`	`{`
`14`	`14`	`/**`
`15`	`15`	`* Check if current user can edit campaigns.`
`16`	`16`	`*`
`17`		`- * @unreleased`
	`17`	`+ * @since 4.10.1`
`18`	`18`	`*/`
`19`	`19`	`public static function canEdit(): bool`
`20`	`20`	`{`
`21`		`- return current_user_can('manage_options') \|\|`
	`21`	`+ return current_user_can('manage_options') \|\|`
`22`	`22`	`current_user_can('edit_give_forms');`
`23`	`23`	`}`
`24`	`24`
`25`	`25`	`/**`
`26`	`26`	`* Check if current user can view private/draft/archived campaigns.`
`27`	`27`	`*`
`28`		`- * @unreleased`
	`28`	`+ * @since 4.10.1`
`29`	`29`	`*/`
`30`	`30`	`public static function canViewPrivate(): bool`
`31`	`31`	`{`
`32`		`- return current_user_can('manage_options') \|\|`
	`32`	`+ return current_user_can('manage_options') \|\|`
`33`	`33`	`current_user_can('edit_give_forms');`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`/**`
`37`		`- * @unreleased`
	`37`	`+ * @since 4.10.1`
`38`	`38`	`*/`
`39`	`39`	`public static function authorizationStatusCode(): int`
`40`	`40`	`{`
`@@ -44,7 +44,7 @@ public static function authorizationStatusCode(): int`
`44`	`44`	`/**`
`45`	`45`	`* Validate campaign access permissions for GET items (collections).`
`46`	`46`	`*`
`47`		`- * @unreleased`
	`47`	`+ * @since 4.10.1`
`48`	`48`	`*`
`49`	`49`	`* @param WP_REST_Request $request`
`50`	`50`	`*`
`@@ -53,7 +53,7 @@ public static function authorizationStatusCode(): int`
`53`	`53`	`public static function validationForGetItems(WP_REST_Request $request)`
`54`	`54`	`{`
`55`	`55`	`$status = $request->get_param('status');`
`56`		`-`
	`56`	`+`
`57`	`57`	`// If no status is specified, allow access (defaults to active campaigns)`
`58`	`58`	`if (empty($status)) {`
`59`	`59`	`return true;`
`@@ -83,7 +83,7 @@ public static function validationForGetItems(WP_REST_Request $request)`
`83`	`83`	`/**`
`84`	`84`	`* Validate campaign access permissions for individual campaign GET method.`
`85`	`85`	`*`
`86`		`- * @unreleased`
	`86`	`+ * @since 4.10.1`
`87`	`87`	`*`
`88`	`88`	`* @param WP_REST_Request $request`
`89`	`89`	`*`
Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@`
`28`	`28`	`class CampaignRequestController`
`29`	`29`	`{`
`30`	`30`	`/**`
`31`		`- * @unreleased Added status check to ensure non-authorized users can only access active campaigns`
	`31`	`+ * @since 4.10.1 Added status check to ensure non-authorized users can only access active campaigns`
`32`	`32`	`* @since 4.0.0`
`33`	`33`	`*`
`34`	`34`	`* @return WP_Error \| WP_REST_Response`
Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@`
`20`	`20`	`class DonationFormsRequestController`
`21`	`21`	`{`
`22`	`22`	`/**`
`23`		`- * @unreleased Added status check to ensure non-authorized users can only access published forms`
	`23`	`+ * @since 4.10.1 Added status check to ensure non-authorized users can only access published forms`
`24`	`24`	`* @since 4.2.0`
`25`	`25`	`*/`
`26`	`26`	`public function getForm(WP_REST_Request $request)`
Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@`
`11`	`11`	`use WP_REST_Server;`
`12`	`12`
`13`	`13`	`/**`
`14`		`- * @unreleased`
	`14`	`+ * @since 4.10.1`
`15`	`15`	`*/`
`16`	`16`	`class CampaignRouteGetItemTest extends RestApiTestCase`
`17`	`17`	`{`
`@@ -21,7 +21,7 @@ class CampaignRouteGetItemTest extends RestApiTestCase`
`21`	`21`	`/**`
`22`	`22`	`* Test that unauthenticated users cannot access individual non-active campaign via GET /campaigns/{id}.`
`23`	`23`	`*`
`24`		`- * @unreleased`
	`24`	`+ * @since 4.10.1`
`25`	`25`	`*/`
`26`	`26`	`public function testUnauthenticatedUserCannotAccessNonActiveCampaign()`
`27`	`27`	`{`
`@@ -38,7 +38,7 @@ public function testUnauthenticatedUserCannotAccessNonActiveCampaign()`
`38`	`38`	`/**`
`39`	`39`	`* Test that unauthenticated users can access individual active campaign via GET /campaigns/{id}.`
`40`	`40`	`*`
`41`		`- * @unreleased`
	`41`	`+ * @since 4.10.1`
`42`	`42`	`*/`
`43`	`43`	`public function testUnauthenticatedUserCanAccessActiveCampaign()`
`44`	`44`	`{`
`@@ -55,7 +55,7 @@ public function testUnauthenticatedUserCanAccessActiveCampaign()`
`55`	`55`	`/**`
`56`	`56`	`* Test that admin users can access individual non-active campaign via GET /campaigns/{id}.`
`57`	`57`	`*`
`58`		`- * @unreleased`
	`58`	`+ * @since 4.10.1`
`59`	`59`	`*/`
`60`	`60`	`public function testAdminUserCanAccessNonActiveCampaign()`
`61`	`61`	`{`
`@@ -72,7 +72,7 @@ public function testAdminUserCanAccessNonActiveCampaign()`
`72`	`72`	`/**`
`73`	`73`	`* Test that admin users can access individual archived campaign via GET /campaigns/{id}.`
`74`	`74`	`*`
`75`		`- * @unreleased`
	`75`	`+ * @since 4.10.1`
`76`	`76`	`*/`
`77`	`77`	`public function testAdminUserCanAccessArchivedCampaign()`
`78`	`78`	`{`
`@@ -89,7 +89,7 @@ public function testAdminUserCanAccessArchivedCampaign()`
`89`	`89`	`/**`
`90`	`90`	`* Test that unauthenticated users get 404 for non-existent campaign.`
`91`	`91`	`*`
`92`		`- * @unreleased`
	`92`	`+ * @since 4.10.1`
`93`	`93`	`*/`
`94`	`94`	`public function testUnauthenticatedUserGets404ForNonExistentCampaign()`
`95`	`95`	`{`