Merge pull request #415 from Codeinwp/fix/nonce_vulnerability
fix: nonce source restriction
vytisbulkevicius authored Dec 21, 2023
2 parents 6ce3a76 + 2271430 commit 3244f31
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion includes/classes/wp-maintenance-mode-admin.php
Expand Up @@ -689,8 +689,13 @@ public function insert_template() {
die( esc_html__( 'The nonce field must not be empty.', 'wp-maintenance-mode' ) );
}

// sanitize source only allow specific sources for further nonce verification.
$source = isset( $_POST['source'] ) && in_array( $_POST['source'], array( 'wizard', 'tab-design' ), true ) ? $_POST['source'] : '';
if ( empty( $source ) ) {
die( esc_html__( 'The source must not be empty.', 'wp-maintenance-mode' ) );
}
// check nonce validation
if ( ! wp_verify_nonce( $_POST['_wpnonce'], $_POST['source'] ) ) {
if ( ! wp_verify_nonce( $_POST['_wpnonce'], $source ) ) {
die( esc_html__( 'Security check.', 'wp-maintenance-mode' ) );
}

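Review bot: The rejection message on the new `if ( empty( $source ) )` branch says the source is empty, but the branch also fires when `$_POST['source']` is present and merely not in the allow-list, which is exactly the case this fix targets; `die( esc_html__( 'Invalid source.', 'wp-maintenance-mode' ) );` would describe what was actually rejected, and since `$source` is now either an allow-listed string or `''`, `if ( '' === $source )` is the precise test. The inline `array( 'wizard', 'tab-design' )` doubles as the set of nonce actions that `wp_verify_nonce` will accept, so it is worth moving into one named class constant shared with the code that creates those nonces (presumably outside this hunk) so that a renamed action cannot silently leave a gap between creation and verification. The `$_POST['_wpnonce']` argument is still passed raw on the kept line; `sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) )` is the usual WordPress form and does not change the verification result. insert_template starts and continues outside the hunk, so whether a capability check accompanies the nonce check cannot be confirmed from here.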
