diff --git a/plugin/src/PaymentGateways/WC_Gateway_Transbank_Oneclick_Mall_REST.php b/plugin/src/PaymentGateways/WC_Gateway_Transbank_Oneclick_Mall_REST.php
index ba01826..bafa3de 100644
--- a/plugin/src/PaymentGateways/WC_Gateway_Transbank_Oneclick_Mall_REST.php
+++ b/plugin/src/PaymentGateways/WC_Gateway_Transbank_Oneclick_Mall_REST.php
@@ -338,7 +338,7 @@ public function form()
      */
     private function handleRequest(array $request, WC_Order $order)
     {
-        $paymentTokenId = $request["wc-{$this->id}-payment-token"] ?? null;
+        $paymentTokenId = wc_clean($request["wc-{$this->id}-payment-token"]) ?? null;
 
         if ($paymentTokenId === 'new' || is_null($paymentTokenId)) {
             return $this->handleInscription($order);