Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security Audit #1321

Closed
joshreisner opened this issue Jan 27, 2024 · 1 comment
Closed

Security Audit #1321

joshreisner opened this issue Jan 27, 2024 · 1 comment
Assignees

Comments

@joshreisner
Copy link
Contributor

We have received an unconfirmed report of a possible security issue in TSML. While we wait for details on what that is, there are a number of improvement actions that we can take.

  1. we can be sure to verify nonces on every POST request, currently I see dozens of places where we verify nonces, but at least one where we do not: on the import & settings page when removing a data source
  2. we can explicitly check for required permissions on any non-public ajax method (i see four)
  3. tsml_import_page and tsml_settings page are currently functions which are currently only called from add_submenu_page - but since they are functions they technically could be reused. seems like a stretch but we could make them closures or explicitly re-check permissions
@kiyote33
Copy link
Collaborator

This issue closed with the release of #3.14.27 and #3.14.28

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants