[wp-trac] [WordPress Trac] #62449: Bypassable Sanitization in the restfulAPI, which lead to the
WordPress Trac
noreply at wordpress.org
Tue Nov 19 10:28:27 UTC 2024
#62449: Bypassable Sanitization in the restfulAPI, which lead to the
--------------------------+-----------------------
Reporter: samjhuseclab | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: REST API | Version:
Severity: normal | Resolution: invalid
Keywords: | Focuses: rest-api
--------------------------+-----------------------
Changes (by johnbillion):
* keywords: changes-requested =>
* status: new => closed
* version: trunk =>
* resolution: => invalid
* milestone: Awaiting Review =>
Comment:
Thanks for the report @samjhuseclab, but this issue depends on an attacker
having the ability to insert malicious PHP code into a plugin. If they're
able to do that then they're free to attack the site in any way they wish,
which renders this issue moot. There are no doubt hundreds of places in
WordPress where data and output passes through filters after sanitisation.
I'll close this ticket off. If you think there is another valid attack
vector to this that doesn't involve the attacker having the ability to
insert PHP that they control then please get in touch with the security
team via HackerOne as per
https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/ . Thanks.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62449#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform