diff --git a/main/gradebook/my_certificates.php b/main/gradebook/my_certificates.php
index 5cc608e6da..0b945d88ce 100644
--- a/main/gradebook/my_certificates.php
+++ b/main/gradebook/my_certificates.php
@@ -39,7 +39,7 @@ if (api_get_setting('allow_public_certificates') === 'true') {
         'actions',
         Display::toolbarButton(
             get_lang('SearchCertificates'),
-            api_get_path(WEB_CODE_PATH)."gradebook/search.php",
+            api_get_path(WEB_CODE_PATH).'gradebook/search.php',
             'search',
             'info'
         )
diff --git a/plugin/customcertificate/src/CustomCertificatePlugin.php b/plugin/customcertificate/src/CustomCertificatePlugin.php
index 6b2045a346..5b1f59316a 100644
--- a/plugin/customcertificate/src/CustomCertificatePlugin.php
+++ b/plugin/customcertificate/src/CustomCertificatePlugin.php
@@ -216,12 +216,13 @@ class CustomCertificatePlugin extends Plugin
             return [];
         }
 
+        $userId = api_get_user_id();
         $certificateTable = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CERTIFICATE);
         $categoryTable = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY);
         $sql = "SELECT cer.user_id AS user_id, cat.session_id AS session_id, cat.course_code AS course_code
                 FROM $certificateTable cer
                 INNER JOIN $categoryTable cat
-                ON (cer.cat_id = cat.id)
+                ON (cer.cat_id = cat.id AND cer.user_id = $userId)
                 WHERE cer.id = $id";
         $rs = Database::query($sql);
         if (Database::num_rows($rs) > 0) {
@@ -251,7 +252,7 @@ class CustomCertificatePlugin extends Plugin
     {
         $certId = (int) $certId;
         if (api_get_plugin_setting('customcertificate', 'enable_plugin_customcertificate') == 'true') {
-            $infoCertificate = CustomCertificatePlugin::getCertificateData($certId);
+            $infoCertificate = self::getCertificateData($certId);
             if (!empty($infoCertificate)) {
                 if ($certificate->user_id == api_get_user_id() && !empty($certificate->certificate_data)) {
                     $certificateId = $certificate->certificate_data['id'];
diff --git a/plugin/customcertificate/src/print_certificate.php b/plugin/customcertificate/src/print_certificate.php
index 0807d3dc8f..94f0eb686e 100644
--- a/plugin/customcertificate/src/print_certificate.php
+++ b/plugin/customcertificate/src/print_certificate.php
@@ -32,6 +32,15 @@ if (intval($_GET['default']) == 1) {
     $enableCourse = api_get_course_setting('customcertificate_course_enable', $courseCode) == 1 ? true : false;
     $useDefault = api_get_course_setting('use_certificate_default', $courseCode) == 1 ? true : false;
 }
+
+if (empty($courseCode)) {
+    $courseCode = isset($_REQUEST['course_code']) ? Database::escape_string($_REQUEST['course_code']) : '';
+}
+
+if (empty($sessionId)) {
+    $sessionId = isset($_REQUEST['session_id']) ? (int) $_REQUEST['session_id'] : '';
+}
+
 $accessUrlId = api_get_current_access_url_id();
 
 $userList = [];