Make WordPress Core

Opened 2 weeks ago

Last modified 2 weeks ago

#61314 assigned defect (bug)

Uncaught exception 'Error' with multiple messages in wp-include directory files during direct access

Reported by: deepakrohilla's profile deepakrohilla Owned by: deepakrohilla's profile deepakrohilla
Milestone: Awaiting Review Priority: normal
Severity: major Version:
Component: General Keywords: has-patch
Focuses: Cc:

Description

wp-includes folder .php extension files include in others files not loaded directly. If someone encounter and address direct access of wp-includes directory files, will return 500 error, so restrict direct access call in wp-includes and its sub directories to ensure all code works well.

These are the lists of files which encountered error on direct access.

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/class-wp-customize-control.php:707
Request URI : <domain-name>/wp-includes/class-wp-customize-control.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/ms-blogs.php:11
Request URI : <domain-name>/wp-includes/ms-blogs.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/class-wp-http.php:11
Request URI : <domain-name>/wp-includes/class-wp-http.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/class-wp-customize-panel.php:411
Request URI : <domain-name>/wp-includes/class-wp-customize-panel.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/class-wp-customize-setting.php:964
Request URI : <domain-name>/wp-includes/class-wp-customize-setting.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/ms-settings.php:35
Request URI : <domain-name>/wp-includes/ms-settings.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/nav-menu-template.php:11
Request URI : <domain-name>/wp-includes/nav-menu-template.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/wp-diff.php:13
Request URI : <domain-name>/wp-includes/wp-diff.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/class-IXR.php:42
Request URI : <domain-name>/wp-includes/class-IXR.php

Uncaught exception 'Error' with message 'Call to undefined function is_main_site()' in /var/www/wp-includes/update.php:1080
Request URI : <domain-name>/wp-includes/update.php

Uncaught exception 'Error' with message 'Call to undefined function is_admin()' in /var/www/wp-includes/vars.php:23
Request URI : <domain-name>/wp-includes/vars.php

Uncaught exception 'Error' with message 'Call to undefined function add_shortcode()' in /var/www/wp-includes/media.php:2173
Request URI : <domain-name>/wp-includes/media.php

Uncaught exception 'Error' with message 'Call to undefined function add_filter()' in /var/www/wp-includes/default-filters.php:22
Request URI : <domain-name>/wp-includes/default-filters.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/functions.php:8
Request URI : <domain-name>/wp-includes/functions.php

Uncaught exception 'Error' with message 'Undefined constant "ABSPATH"' in /var/www/wp-includes/default-widgets.php:11
Request URI : <domain-name>/wp-includes/default-widgets.php

Uncaught exception 'Error' with message 'Call to undefined function feed_content_type()' in /var/www/wp-includes/feed-atom.php:8
Request URI : <domain-name>/wp-includes/feed-atom.php

Uncaught exception 'Error' with message 'Class "SimplePie_Sanitize" not found' in /var/www/wp-includes/class-wp-simplepie-sanitize-kses.php:21
Request URI : <domain-name>/wp-includes/class-wp-simplepie-sanitize-kses.php

Uncaught exception 'Error' with message 'Class "Text_Diff_Renderer" not found' in /var/www/wp-includes/class-wp-text-diff-renderer-table.php:17
Request URI : <domain-name>/wp-includes/class-wp-text-diff-renderer-table.php

Change History (1)

This ticket was mentioned in PR #6665 on WordPress/wordpress-develop by @deepakrohilla.


2 weeks ago
#1

Fix direct accessibility of wp-includes directory multiple files.

Note: See TracTickets for help on using tickets.