Fix CVE-2017-5487 vulnerability

When WordPress enabled the REST API in Core in version 4.7, it enabled the endpoint /wp-json/wp/v2/users/ to list all users that have posted something to the site. Therefore, that endpoint can be used by an attacker to find some or all of the administrator account usernames to target for password cracking, which is a potential … Read more

How to add a nonce check correctly to this specific code?

The first thing is to inline the nonce so that you can use it in the script that calls the ajax action.

// plugin or theme php file
wp_enqueue_script( 'your-script-handle', 'url/to/your/script.js', array( 'jquery' ), null, true );
wp_add_inline_script( 'your-script-handle', 'const YourAjaxConfig = ' . json_encode( array( 'ajax' => array( 'url' => admin_url( 'admin-ajax.php' ), 'action' … Read more

Is it a good idea to restrict the REST API?

You can use the rest_dispatch_request filter to catch the /wp/v2/users routes before they deliver their data to the user.

add_filter( 'rest_dispatch_request', 'wpse425815_authenticate_user_route', 10, 4 );

/**
 * Forces authentication on the wp/v2/user route(s).
 *
 * @param mixed           $result  The current result.
 * @param WP_REST_Request $request The REST request.
 * @param string          $route   The requested route.
 … Read more

Verify Cryptographic Authenticity after Downloading Releases (Signatures)

If you downloaded the latest version then your download URL would have been: https://wordpress.org/wordpress-6.5.3.zip You can find the md5 hash for this file by adding .md5 to the end of that URL, like this: https://wordpress.org/wordpress-6.5.3.zip.md5 The md5 hash for this file is: ad3b0a21dec368341d64906e86db49f7 So, theoretically, you should be able to get the md5 hash of … Read more

How to sanitize $_POST the correct way?

Instead of looping through the array, use this:

map_deep( $form_data, 'sanitize_text_field' );

(see the User Notes in the function doc: https://developer.wordpress.org/reference/functions/sanitize_text_field/ )

The docs state that it:
- Checks for invalid UTF-8
- Converts single < characters to entities
- Strips all tags
- Removes line breaks, tabs, and extra whitespace
- Strips percent-encoded characters

So you could also use the … Read more

Block Root REST API Route using custom &/or iThemes

For all REST API routes, the rest_api_init action hook fires when preparing to serve a REST API request. The request URI ($_SERVER['REQUEST_URI']) can be inspected with a regular expression to detect the root (e.g. wp-json) and the route (e.g. /wp/v2/posts) of the request. You can then decide what to return to the client (e.g. WP_Error, … Read more
