Opened 17 years ago
Closed 15 years ago
#5422 closed defect (bug) (fixed)
Sanitize plugin update information
Reported by: | Viper007Bond | Owned by: | westi |
---|---|---|---|
Milestone: | 2.8 | Priority: | normal |
Severity: | critical | Version: | 2.3.1 |
Component: | Security | Keywords: | needs-patch |
Focuses: | | Cc: | |
Description
The update data retrieved from WP.org is trusted to be safe and HTML encoded. We shouldn't make this assumption, plus we should kses the plugin's name.
Attached is a proposed patch. Seems to work okay.
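As an added example (not the patch attached to this ticket), the unsafe rendering the ticket describes beside a version that escapes each field for the context it lands in. It assumes it runs inside WordPress, where esc_html(), esc_url() (the successor of the clean_url() mentioned in the comments) and wp_kses() are core functions; the $update object, its field names and the sample values are hypothetical.

```php
<?php
// Added example, not the ticket's patch: treat plugin update metadata as
// untrusted input and escape it per context before rendering in wp-admin.
// Assumes WordPress is loaded (esc_html, esc_url, wp_kses are core functions).

// Constructed, hostile sample of an update record; a real one comes from the API.
$update = (object) array(
    'name'           => 'Example Plugin <script>alert(1)</script>',
    'new_version'    => '1.2.3',
    'url'            => 'javascript:alert(1)',
    'package'        => 'https://downloads.example.invalid/plugin.1.2.3.zip',
    'upgrade_notice' => 'Fixes <b>bugs</b> <img src=x onerror=alert(1)>',
);

// BEFORE (the pattern the ticket reports): every field is trusted verbatim,
// so any markup or javascript: URL in the response reaches the admin page.
function render_update_row_unsafe( $update ) {
    return '<a href="' . $update->url . '">' . $update->name . '</a> '
        . $update->new_version . '<br/>' . $update->upgrade_notice;
}

// AFTER: escape each field for the context it is rendered in.
function render_update_row_safe( $update ) {
    // Plugin name and notice: inline text only. wp_kses() with a small
    // allowlist drops <script>, <img> and event-handler attributes while
    // keeping harmless emphasis markup.
    $allowed_inline = array( 'em' => array(), 'strong' => array() );
    $name   = wp_kses( (string) $update->name, $allowed_inline );
    $notice = wp_kses( (string) $update->upgrade_notice, $allowed_inline );

    // URLs: esc_url() returns '' for disallowed schemes such as javascript:
    // and escapes the survivor for use inside an HTML attribute.
    $url     = esc_url( (string) $update->url );
    $package = esc_url( (string) $update->package );

    // Version string is plain text, so a plain HTML escape is enough.
    $version = esc_html( (string) $update->new_version );

    // Only emit a link when a URL survived validation.
    $link = ( $url !== '' ) ? '<a href="' . $url . '">' . $name . '</a>' : $name;
    return $link . ' ' . $version . '<br/>' . $notice
        . ' <a href="' . $package . '">download</a>';
}

echo render_update_row_safe( $update );
```

With the sample above the unsafe row emits a live script tag and a javascript: link, while the safe row renders the name and notice as text with the hostile URL dropped.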
Attachments (6)
Change History (23)
#2 @ 15 years ago
- Component changed from Administration to Security
- Milestone changed from 2.9 to 2.8
#3 @ 15 years ago
- Keywords 2nd-opinion removed
- Severity changed from normal to critical
+1. Output should be properly encoded / formatted! This is security related and solved, so please fix.
#4 @ 15 years ago
- Keywords dev-feedback added
This is also useful if anyone decides to implement their own version checking; while WordPress trusts WordPress.org, it might not be the case that a non-dot-org update checker may not be as nice.
#7 @ 15 years ago
- Keywords tested added; dev-feedback removed
Patch applies cleanly. clean_url should be used on the URLs. Else good to go imo.
#8 @ 15 years ago
- Keywords needs-patch added; has-patch tested removed
- Milestone changed from 2.8 to Future Release
Patch is broken.
#9 @ 15 years ago
- Keywords has-patch added; needs-patch removed
- Milestone changed from Future Release to 2.8
Please check.
+1 to that. See also #7875