[wp-trac] [WordPress Trac] #64789: Security audit for API key storage on the Connectors screen
WordPress Trac
noreply at wordpress.org
Wed Mar 4 15:05:35 UTC 2026
#64789: Security audit for API key storage on the Connectors screen
--------------------------+---------------------
Reporter: gziolo | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 7.0
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+---------------------
Comment (by flixos90):
+1 to everything that @johnbillion says. While it would be great to have
encryption, the implications for Core are different than for a plugin.
The challenge is indeed that we need to rely on a secret, and some sites
are configured to rotate these (which would then lead to the data no
longer being decryptable).
So at the minimum, we would need a new constant for an encryption key, and
that would need to be explicitly documented as to never rotate its value.
Certainly not trivial to pull off at the scale of WordPress, and certainly
not this late in the release cycle.
It's also worth noting that, if a malicious plugin gets access to the
site, none of it helps. So I think it's fair to proceed with the current
baseline of no encryption, and explore support for external two-way
encryption systems in the future.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/64789#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
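The failure mode flixos90 describes (a secret that gets rotated leaves stored keys undecryptable) and the proposed dedicated, never-rotated constant, as an added illustration in plain PHP with libsodium. This is not WordPress Core code; the constant name `WP_CONNECTOR_ENCRYPTION_KEY`, the function names and the sample values are assumptions for the example.

```php
<?php
// Added illustration, not WordPress Core code. Assumes a dedicated constant
// (hypothetical name) defined in wp-config.php and documented as never rotated:
//   define( 'WP_CONNECTOR_ENCRYPTION_KEY', '<64 hex chars from random_bytes(32)>' );
// It is deliberately NOT derived from AUTH_KEY / SECURE_AUTH_KEY, since sites rotate those.

// Validate the configured constant and turn it into raw key bytes.
function connector_key_bytes( string $hex_constant ): string {
    $key = hex2bin( $hex_constant );
    if ( $key === false || strlen( $key ) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES ) {
        throw new RuntimeException( 'Encryption key must be 32 bytes (64 hex chars).' );
    }
    return $key;
}

// Encrypt an API key for storage (e.g. in an option). Output is base64( nonce || box ).
function encrypt_api_key( string $api_key, string $key ): string {
    $nonce = random_bytes( SODIUM_CRYPTO_SECRETBOX_NONCEBYTES ); // fresh nonce per value
    $box   = sodium_crypto_secretbox( $api_key, $nonce, $key );    // authenticated encryption
    return base64_encode( $nonce . $box );
}

// Decrypt a stored value. Returns null when the key does not match the one used
// to encrypt (the "rotated secret" case) or the stored blob is malformed.
function decrypt_api_key( string $stored, string $key ): ?string {
    $raw = base64_decode( $stored, true );
    if ( $raw === false || strlen( $raw ) <= SODIUM_CRYPTO_SECRETBOX_NONCEBYTES ) {
        return null;
    }
    $nonce = substr( $raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES );
    $box   = substr( $raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES );
    $plain = sodium_crypto_secretbox_open( $box, $nonce, $key ); // false on tag mismatch
    return $plain === false ? null : $plain;
}

// Demonstration with constructed keys (in Core they would come from wp-config.php).
$original_key = connector_key_bytes( bin2hex( random_bytes( 32 ) ) );
$rotated_key  = connector_key_bytes( bin2hex( random_bytes( 32 ) ) ); // simulates a rotation

$stored = encrypt_api_key( 'sk_constructed_sample_value', $original_key );
var_dump( decrypt_api_key( $stored, $original_key ) ); // decrypt with the key used to encrypt
var_dump( decrypt_api_key( $stored, $rotated_key ) );  // decrypt after the constant was rotated
```

The first call round-trips the sample value; the second returns null because the secretbox authentication tag no longer verifies under the new key, which is exactly the "no longer decryptable" outcome the comment warns about when the underlying secret rotates.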