Opened 3 weeks ago
#62224 new enhancement
The class class-wp-theme-json.php methods compute_theme_vars and to_ruleset need to be hardened
Reported by: | villu164 | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 6.6.2 |
Component: | Themes | Keywords: | |
Focuses: | Cc: |
Description
I first reported the issue on HackerOne and was told this can be a public hardening ticket. (https://hackerone.com/bugs?subject=user&report_id=2623479)
The compute_theme_vars (https://core.trac.wordpress.org/browser/tags/6.6.2/src/wp-includes/class-wp-theme-json.php#L2208) and to_ruleset (https://core.trac.wordpress.org/browser/tags/6.6.2/src/wp-includes/class-wp-theme-json.php#L1900) need to be hardened and the theme.json, should be considered as user supplied content. Thus the before-mentioned methods need to adjust for that and use proper sanitization
Note: See
TracTickets for help on using
tickets.