From 097bf6802f5d72f36289f968feb6b023b0d5ff4b Mon Sep 17 00:00:00 2001
From: Yakir Sitbon
Date: Tue, 12 Nov 2024 14:49:21 +0200
Subject: [PATCH] Security Fix: Improved code security enforcement in theme/plugin file editor [ED-16139] (#220)
---
 hooks/class-aal-hook-plugins.php | 30 ------------------------------
 hooks/class-aal-hook-themes.php | 26 --------------------------
 readme.txt | 3 +++
 3 files changed, 3 insertions(+), 56 deletions(-)
diff --git a/hooks/class-aal-hook-plugins.php b/hooks/class-aal-hook-plugins.php
index 8e4321a..ea457bb 100644
--- a/hooks/class-aal-hook-plugins.php
+++ b/hooks/class-aal-hook-plugins.php
@@ -41,34 +41,6 @@ class AAL_Hook_Plugins extends AAL_Hook_Base {
 $this->_add_log_plugin( 'deleted', $plugin_file );
 }
 
- public function hooks_plugin_modify( $location, $status ) {
- if ( false !== strpos( $location, 'plugin-editor.php' ) ) {
- if ( ( ! empty( $_POST ) && 'update' === $_REQUEST['action'] ) ) {
- $aal_args = array(
- 'action' => 'file_updated',
- 'object_type' => 'Plugins',
- 'object_subtype' => 'plugin_unknown',
- 'object_id' => 0,
- 'object_name' => 'file_unknown',
- );
-
- if ( ! empty( $_REQUEST['file'] ) ) {
- $aal_args['object_name'] = $_REQUEST['file'];
- // Get plugin name
- $plugin_dir = explode( '/', $_REQUEST['file'] );
- $plugin_data = array_values( get_plugins( '/' . $plugin_dir[0] ) );
- $plugin_data = array_shift( $plugin_data );
-
- $aal_args['object_subtype'] = $plugin_data['Name'];
- }
- aal_insert_log( $aal_args );
- }
- }
-
- // We are need return the instance, for complete the filter.
- return $location;
- }
-
 /**
 * @param Plugin_Upgrader $upgrader
 * @param array $extra
@@ -141,8 +113,6 @@ class AAL_Hook_Plugins extends AAL_Hook_Base {
 
 add_action( 'delete_plugin', array( $this, 'hooks_delete_plugin' ) );
 
- add_filter( 'wp_redirect', array( $this, 'hooks_plugin_modify' ), 10, 2 );
-
 add_action( 'upgrader_process_complete', array( $this, 'hooks_plugin_install_or_update' ), 10, 2 );
 add_action( 'update_site_option_auto_update_plugins', [ $this, 'hooks_auto_update_settings' ], 10, 3 );
 
diff --git a/hooks/class-aal-hook-themes.php b/hooks/class-aal-hook-themes.php
index 84514f4..fd04d8a 100644
--- a/hooks/class-aal-hook-themes.php
+++ b/hooks/class-aal-hook-themes.php
@@ -3,31 +3,6 @@ if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
 
 class AAL_Hook_Themes extends AAL_Hook_Base {
 
- public function hooks_theme_modify( $location, $status ) {
- if ( false !== strpos( $location, 'theme-editor.php?file=' ) ) {
- if ( ! empty( $_POST ) && 'update' === $_POST['action'] ) {
- $aal_args = array(
- 'action' => 'file_updated',
- 'object_type' => 'Themes',
- 'object_subtype' => 'theme_unknown',
- 'object_id' => 0,
- 'object_name' => 'file_unknown',
- );
-
- if ( ! empty( $_POST['file'] ) )
- $aal_args['object_name'] = $_POST['file'];
-
- if ( ! empty( $_POST['theme'] ) )
- $aal_args['object_subtype'] = $_POST['theme'];
-
- aal_insert_log( $aal_args );
- }
- }
-
- // We are need return the instance, for complete the filter.
- return $location;
- }
-
 public function hooks_switch_theme( $new_name, WP_Theme $new_theme ) {
 aal_insert_log(
 array(
@@ -165,7 +140,6 @@ class AAL_Hook_Themes extends AAL_Hook_Base {
 }
 
 public function __construct() {
- add_filter( 'wp_redirect', array( &$this, 'hooks_theme_modify' ), 10, 2 );
 add_action( 'switch_theme', array( &$this, 'hooks_switch_theme' ), 10, 2 );
 add_action( 'delete_site_transient_update_themes', array( &$this, 'hooks_theme_deleted' ) );
 add_action( 'upgrader_process_complete', array( &$this, 'hooks_theme_install_or_update' ), 10, 2 );
diff --git a/readme.txt b/readme.txt
index a3baf9b..a248035 100644
--- a/readme.txt
+++ b/readme.txt
@@ -118,6 +118,9 @@ You can report security bugs through the Patchstack Vulnerability Disclosure Pro
 
 == Changelog ==
 
+= 2.11.2 - 2024-11-12 =
+* Security Fix: Improved code security enforcement in theme/plugin file editor
+
 = 2.11.1 - 2024-11-05 =
 * Tweak: Added ability to search in context column
 