kharissulistiyo / patch-code-sample-settings-change-vulnerability.php
Created November 26, 2024 02:52
Patch PHP Settings Change vulnerability
<?php
/**
* Method for enable / disable addons
*/
public function addon_enable_disable() {
$current_user_id = get_current_user_id();
if ( !wp_verify_nonce( $_POST['nonce'], 'cf_reset_ajax_nonce' ) ) {
kharissulistiyo / bad-code-sample-settings-change-vulnerability.php
Created November 26, 2024 02:50
Bad PHP code sample: Settings Change vulnerability
<?php
/**
* Method for enable / disable addons
*/
public function addon_enable_disable(){
$addonsConfig = maybe_unserialize(get_option('wpcf_addons_config'));
$isEnable = (bool) sanitize_text_field( wpcf_function()->avalue_dot('isEnable', $_POST) );
$addonFieldName = sanitize_text_field( wpcf_function()->avalue_dot('addonFieldName', $_POST) );
$addonsConfig[$addonFieldName]['is_enable'] = ($isEnable) ? 1 : 0;
kharissulistiyo / patch-code-sample-arbitrary-file-upload-vulnerability.php
Created November 21, 2024 23:04
Patch PHP Arbitrary File Upload vulnerability
<?php
public function upload_file() {
if ( ! current_user_can( 'upload_file' ) ) {
wp_send_json_error( array( 'errorMessage' => esc_html__( 'You are not allowed to upload files.', 'download-monitor' ) ) );
}
$uploadedfile = $_FILES['file'];
$image_url = $uploadedfile['tmp_name'];
kharissulistiyo / bad-code-sample-arbitrary-file-upload.php
Created November 21, 2024 22:56
Bad PHP code sample: Arbitrary File Upload vulnerability
<?php
public function upload_file() {
$uploadedfile = $_FILES['file'];
$image_url = $uploadedfile['tmp_name'];
$upload_dir = wp_upload_dir();
kharissulistiyo / patch-code-sample-directory-traversal-vulnerability.php
Created November 21, 2024 14:17
Patch PHP Directory Traversal vulnerability
<?php
/**
 * Path sanity check applied before a layout path is resolved on disk.
 *
 * Accepts only a non-empty value that contains neither the './' nor the '.\'
 * byte sequence. Rejecting those two substrings also rejects '../' and '..\',
 * which is the traversal form this check targets. What this check alone does
 * NOT reject: a path whose last segment is a bare '..' with no trailing
 * separator, and absolute paths. A caller that appends a separator or a file
 * name after this check should account for that separately.
 *
 * @param mixed $path Candidate path, typically taken from request input.
 * @return bool True when the path is non-empty and free of both markers.
 */
function alm_is_valid_path( $path ) {
	// Empty string, null and the string '0' are all falsy and count as invalid.
	if ( ! $path ) {
		return false;
	}

	// A single occurrence of either marker anywhere in the path rejects it.
	foreach ( array( './', '.\\' ) as $marker ) {
		if ( false !== strpos( $path, $marker ) ) {
			return false;
		}
	}

	return true;
}
function alm_get_layout() {
kharissulistiyo / bad-code-sample-directory-traversal-vulnerability.php
Created November 21, 2024 14:13
Bad PHP code sample: Directory Traversal vulnerability
<?php
function alm_get_layout() {
$form_data = filter_input_array( INPUT_GET );
if ( ! current_user_can( 'edit_theme_options' ) || ! isset( $form_data['nonce'] ) ) {
// Bail early if missing WP capabilities or nonce.
wp_die( esc_attr__( 'You don\'t belong here.', 'ajax-load-more' ) );
}
kharissulistiyo / patch-code-sample-broken-access-control.php
Created November 20, 2024 05:53
Patch code sample: Broken Access Control vulnerability
<?php
public function get_content_editor() {
if (current_user_can('edit_posts')) {
$content_key = $this->request['key'];
$content_type = $this->request['type'];
$builder_post_title = 'dynamic-content-' . $content_type . '-' . $content_key;
$builder_post_id = Utils::get_page_by_title( $builder_post_title, 'elementskit_content' );
kharissulistiyo / bad-code-sample-broken-access-control.php
Last active November 20, 2024 06:26
Bad code sample: Broken Access Control vulnerability
<?php
public static function render_settings_page() {
if ( isset( $_POST['save_settings'] ) ) {
self::save_settings( $_POST );
}
wp_enqueue_style( 'cew-settings', CEW_URL . 'assets/css/settings.css', array(), CEW_VERSION );
wp_enqueue_script( 'cew-settings', CEW_URL . 'assets/js/scripts.js', array( 'jquery', 'jquery-ui' ), CEW_VERSION, true );
kharissulistiyo / patch-code-sample-cross-site-request-forgery.php
Created November 19, 2024 12:43
Patch code sample: Cross Site Request Forgery (CSRF) vulnerability
<?php
public static function render_settings_page() {
if ( isset( $_POST['save_settings'] ) ) {
self::save_settings( $_POST );
}
if ( ! isset( $_POST['cew_settings_nonce'] ) || ! wp_verify_nonce( $_POST['cew_settings_nonce'], CEW_BASENAME . '-settings' ) ) {
return;
}
kharissulistiyo / bad-code-sample-cross-site-request-forgery.php
Created November 19, 2024 12:41
Bad code sample: Cross Site Request Forgery (CSRF) vulnerability
<?php
public static function render_settings_page() {
if ( isset( $_POST['save_settings'] ) ) {
self::save_settings( $_POST );
}
wp_enqueue_style( 'cew-settings', CEW_URL . 'assets/css/settings.css', array(), CEW_VERSION );
wp_enqueue_script( 'cew-settings', CEW_URL . 'assets/js/scripts.js', array( 'jquery', 'jquery-ui' ), CEW_VERSION, true );