diff --git a/CHANGELOG b/CHANGELOG
index c69d4e0cb..f21486643 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,7 @@ CHANGELOG Roundcube Webmail
 
 - Don't ignore (global) userlogins/sendmail logs in per_user_logging mode
 - Fix security issue in remote content blocking on HTML image and style tags (#6178)
+- Fix check_request() bypass in places using get_uids() [CVE-2018-9846] (#6238)
 - Fix possible IMAP command injection vulnerability [CVE-2018-9846] (#6229)
 
 RELEASE 1.1.10
diff --git a/plugins/archive/archive.php b/plugins/archive/archive.php
index 72f7a7f2a..099a0570c 100644
--- a/plugins/archive/archive.php
+++ b/plugins/archive/archive.php
@@ -122,8 +122,10 @@ class archive extends rcube_plugin
             $index = $storage->index(null, rcmail_sort_column(), rcmail_sort_order());
             $messageset = array($current_mbox => $index->get());
         }
-        else {
-            $messageset = rcmail::get_uids();
+        else if (!empty($uids)) {
+            $messageset = rcmail::get_uids($uids, $current_mbox);
+        } else {
+            $messageset = array();
         }
 
         foreach ($messageset as $mbox => $uids) {
diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php
index f41394e31..abea157cb 100644
--- a/plugins/managesieve/managesieve.php
+++ b/plugins/managesieve/managesieve.php
@@ -191,7 +191,7 @@ class managesieve extends rcube_plugin
     {
         // handle fetching email headers for the new filter form
         if ($uid = rcube_utils::get_input_value('_uid', rcube_utils::INPUT_POST)) {
-            $uids = rcmail::get_uids();
+            $uids = rcmail::get_uids($uid);
             $mailbox = key($uids);
             $message = new rcube_message($uids[$mailbox][0], $mailbox);
             $headers = $this->parse_headers($message->headers);
diff --git a/plugins/markasjunk/markasjunk.php b/plugins/markasjunk/markasjunk.php
index d07b494f8..0785ca1c6 100644
--- a/plugins/markasjunk/markasjunk.php
+++ b/plugins/markasjunk/markasjunk.php
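Review bot: The new `else if (!empty($uids))` branch in archive.php depends on `$uids` having been read from the checked POST request earlier in the method, but that assignment is outside the hunk, so nothing at this call site records why the argument-less `rcmail::get_uids()` was dropped; per the CHANGELOG entry that form let the UID list bypass `check_request()`, and a later tidy-up could reintroduce it. A one-line comment above the branch would pin the intent: `// Pass the POST-validated UIDs explicitly; letting get_uids() read the request itself bypassed check_request() (CVE-2018-9846, #6238)`. The same argument-less call is replaced in managesieve.php and markasjunk.php and the same comment belongs at those sites. As a style point in this hunk, the surviving `}` / `else if` split across two lines now sits beside the newly added one-line `} else {`; one brace style for the whole chain would read more consistently. The enclosing method starts and ends outside the hunk.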
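Review bot: In managesieve.php, `key($uids)` and `$uids[$mailbox][0]` on the two lines after the changed call still assume `rcmail::get_uids($uid)` returned a non-empty array; if the POST `_uid` value resolves to nothing, `$mailbox` is null and a null UID is handed to `rcube_message`. The archive hunk guards its call with `!empty(...)`, so a matching `if (empty($uids)) { … }` check before `key($uids)`, returning whatever error the action uses for a missing message, would keep the two sites consistent. Unlike the archive hunk, no mailbox argument is passed here, so `get_uids()` presumably still takes the mailbox from the request; if that is intended, a short comment saying so would help the next reader. The method's signature line precedes the hunk and its body continues past it.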
@@ -58,10 +58,13 @@ class markasjunk extends rcube_plugin
         $rcmail = rcmail::get_instance();
         $storage = $rcmail->get_storage();
+        $uids = rcube_utils::get_input_value('_uid', rcube_utils::INPUT_POST);
 
-        foreach (rcmail::get_uids() as $mbox => $uids) {
-            $storage->unset_flag($uids, 'NONJUNK', $mbox);
-            $storage->set_flag($uids, 'JUNK', $mbox);
+        if (!empty($uids)) {
+            foreach (rcmail::get_uids($uids) as $mbox => $uids) {
+                $storage->unset_flag($uids, 'NONJUNK', $mbox);
+                $storage->set_flag($uids, 'JUNK', $mbox);
+            }
         }
 
         if (($junk_mbox = $rcmail->config->get('junk_mbox'))) {