Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3393700

Timestamp:

11/11/2025 01:39:21 PM (4 months ago)

Author:

chrmrtns

Message:

v3.2.3 - WordPress Plugin Check Security Compliance

Security Improvements:

Replaced all wp_redirect() with wp_safe_redirect() (21 occurrences)
Added wp_validate_redirect() for custom/external URLs with safe fallbacks
Enhanced redirect security across login flows, 2FA, and admin actions

Plugin Check Compliance:

Fixed all WordPress Plugin Check redirect security warnings
Core WordPress hook (wp_login) properly documented
Internal dynamic notification hooks properly documented
Database queries properly documented as safe

Files Updated:

includes/Core/Core.php (8 redirect fixes)
includes/Security/TwoFA/Core.php (11 fixes)
includes/Admin/Admin.php (1 fix)
includes/Core/Notices.php (7 phpcs comments)
includes/Core/Database.php (8 phpcs updates)
Version bumped to 3.2.3

Zero breaking changes - 100% backward compatible

Location:

keyless-auth

Files:

: 71 added
: 7 edited

tags/3.2.3 (added)
tags/3.2.3/LICENSE (added)
tags/3.2.3/assets (added)
tags/3.2.3/assets/css (added)
tags/3.2.3/assets/css/2fa-frontend.css (added)
tags/3.2.3/assets/css/admin-style.css (added)
tags/3.2.3/assets/css/forms-enhanced-dark.css (added)
tags/3.2.3/assets/css/forms-enhanced-light.css (added)
tags/3.2.3/assets/css/forms-enhanced.css (added)
tags/3.2.3/assets/css/help-page.css (added)
tags/3.2.3/assets/css/style-back-end.css (added)
tags/3.2.3/assets/css/style-front-end.css (added)
tags/3.2.3/assets/css/woocommerce-integration.css (added)
tags/3.2.3/assets/js (added)
tags/3.2.3/assets/js/2fa-frontend.js (added)
tags/3.2.3/assets/js/admin-script.js (added)
tags/3.2.3/assets/js/help-page.js (added)
tags/3.2.3/assets/js/qrcode.js (added)
tags/3.2.3/assets/js/qrcode.min.js (added)
tags/3.2.3/assets/js/woocommerce-integration.js (added)
tags/3.2.3/assets/logo_150_150.png (added)
tags/3.2.3/autoload.php (added)
tags/3.2.3/includes (added)
tags/3.2.3/includes/Admin (added)
tags/3.2.3/includes/Admin/Admin.php (added)
tags/3.2.3/includes/Admin/Admin.php.backup (added)
tags/3.2.3/includes/Admin/Ajax (added)
tags/3.2.3/includes/Admin/Ajax/TwoFAAjaxHandler.php (added)
tags/3.2.3/includes/Admin/Ajax/index.php (added)
tags/3.2.3/includes/Admin/Assets (added)
tags/3.2.3/includes/Admin/Assets/AssetLoader.php (added)
tags/3.2.3/includes/Admin/Assets/index.php (added)
tags/3.2.3/includes/Admin/MenuManager.php (added)
tags/3.2.3/includes/Admin/Pages (added)
tags/3.2.3/includes/Admin/Pages/DashboardPage.php (added)
tags/3.2.3/includes/Admin/Pages/HelpPage.php (added)
tags/3.2.3/includes/Admin/Pages/MailLogsPage.php (added)
tags/3.2.3/includes/Admin/Pages/OptionsPage.php (added)
tags/3.2.3/includes/Admin/Pages/SmtpPage.php (added)
tags/3.2.3/includes/Admin/Pages/TemplatesPage.php (added)
tags/3.2.3/includes/Admin/Pages/TwoFAUsersPage.php (added)
tags/3.2.3/includes/Admin/Pages/index.php (added)
tags/3.2.3/includes/Admin/Settings (added)
tags/3.2.3/includes/Admin/Settings/SettingsManager.php (added)
tags/3.2.3/includes/Admin/Settings/index.php (added)
tags/3.2.3/includes/Admin/index.php (added)
tags/3.2.3/includes/Core (added)
tags/3.2.3/includes/Core/Core.php (added)
tags/3.2.3/includes/Core/Database.php (added)
tags/3.2.3/includes/Core/Main.php (added)
tags/3.2.3/includes/Core/Notices.php (added)
tags/3.2.3/includes/Core/PasswordReset.php (added)
tags/3.2.3/includes/Core/WooCommerce.php (added)
tags/3.2.3/includes/Core/index.php (added)
tags/3.2.3/includes/Email (added)
tags/3.2.3/includes/Email/MailLogger.php (added)
tags/3.2.3/includes/Email/SMTP.php (added)
tags/3.2.3/includes/Email/Templates.php (added)
tags/3.2.3/includes/Email/index.php (added)
tags/3.2.3/includes/Security (added)
tags/3.2.3/includes/Security/TwoFA (added)
tags/3.2.3/includes/Security/TwoFA/Core.php (added)
tags/3.2.3/includes/Security/TwoFA/Frontend.php (added)
tags/3.2.3/includes/Security/TwoFA/TOTP.php (added)
tags/3.2.3/includes/Security/TwoFA/index.php (added)
tags/3.2.3/includes/Security/index.php (added)
tags/3.2.3/includes/index.php (added)
tags/3.2.3/keyless-auth.php (added)
tags/3.2.3/languages (added)
tags/3.2.3/languages/keyless-auth.pot (added)
tags/3.2.3/readme.txt (added)
trunk/includes/Admin/Admin.php (modified) (1 diff)
trunk/includes/Core/Core.php (modified) (8 diffs)
trunk/includes/Core/Database.php (modified) (4 diffs)
trunk/includes/Core/Notices.php (modified) (5 diffs)
trunk/includes/Security/TwoFA/Core.php (modified) (9 diffs)
trunk/keyless-auth.php (modified) (2 diffs)
trunk/readme.txt (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

keyless-auth/trunk/includes/Admin/Admin.php

r3380037	r3393700
66	66	if (wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['_wpnonce'])), 'chrmrtns_kla_learn_more_dismiss_notification')) {
67	67	update_option('chrmrtns_kla_learn_more_dismiss_notification', true);
68		wp_redirect(remove_query_arg(array('chrmrtns_kla_learn_more_dismiss_notification', '_wpnonce')));
	68	wp_safe_redirect(remove_query_arg(array('chrmrtns_kla_learn_more_dismiss_notification', '_wpnonce')));
69	69	exit;
70	70	}

keyless-auth/trunk/includes/Core/Core.php

-                      r3390737
+                      r3393700
         // Check admin approval compatibility
         if ($this->is_admin_approval_required($user)) {
             wp_redirect(add_query_arg('chrmrtns_kla_adminapp_error', '1', $this->get_current_page_url()));
+            wp_safe_redirect(add_query_arg('chrmrtns_kla_adminapp_error', '1', $this->get_current_page_url()));
             exit;
+        }
 …
+        }
         // Perform the redirect
         wp_redirect($redirect_url);
+        // Perform the redirect with validation
+        wp_safe_redirect(wp_validate_redirect($redirect_url, wp_login_url()));
         exit;
+    }
 …
+        }
         // Perform the redirect
         wp_redirect($redirect_url);
+        // Perform the redirect with validation
+        wp_safe_redirect(wp_validate_redirect($redirect_url, wp_login_url()));
         exit;
+    }
 …
         // Validate token
         if (!$this->validate_login_token($user_id, $token)) {
             wp_redirect(add_query_arg('chrmrtns_kla_error_token', '1', $this->get_current_page_url()));
+            wp_safe_redirect(add_query_arg('chrmrtns_kla_error_token', '1', $this->get_current_page_url()));
             exit;
+        }
 …
                     ), home_url());
                     wp_redirect($tfa_verify_url);
+                    wp_safe_redirect($tfa_verify_url);
                     exit;
                 } elseif ($role_required) {
 …
                     // If grace period expired, redirect to 2FA setup
                     if (time() > $grace_end) {
                         wp_redirect(add_query_arg(array('action' => 'keyless-2fa-setup', 'magic_login' => '1'), home_url()));
+                        wp_safe_redirect(add_query_arg(array('action' => 'keyless-2fa-setup', 'magic_login' => '1'), home_url()));
                         exit;
+                    }
 …
         $redirect_url = apply_filters('chrmrtns_kla_after_login_redirect', $redirect_url, $user_id);
         wp_redirect($redirect_url);
+        wp_safe_redirect(wp_validate_redirect($redirect_url, admin_url()));
         exit;
+    }
 …
         // Redirect back to wp-login.php with success message
         wp_redirect(add_query_arg(array(
+        wp_safe_redirect(add_query_arg(array(
             'chrmrtns_kla_sent' => '1'
         ), wp_login_url()));

keyless-auth/trunk/includes/Core/Database.php

-                      r3382345
+                      r3393700
                 if (!$new_table_exists) {
                     // Rename old table to new table name (faster than copy + delete)
                     // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.DirectDatabaseQuery.SchemaChange,WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- Renaming table during migration, table names are safely constructed
+                    // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.DirectDatabaseQuery.SchemaChange,WordPress.DB.PreparedSQL.InterpolatedNotPrepared,PluginCheck.Security.DirectDB.UnescapedDBParameter -- Renaming table during migration, table names are safely constructed from prefix
                     $wpdb->query("RENAME TABLE `{$old_table}` TO `{$new_table}`");
                 } else {
                     // If both exist, copy data from old to new, then drop old
                     // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- Migration data copy, table names are safely constructed
+                    // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.PreparedSQL.InterpolatedNotPrepared,PluginCheck.Security.DirectDB.UnescapedDBParameter -- Migration data copy, table names are safely constructed from prefix
                     $wpdb->query("INSERT IGNORE INTO `{$new_table}` SELECT * FROM `{$old_table}`");
                     // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.DirectDatabaseQuery.SchemaChange,WordPress.DB.PreparedSQL.InterpolatedNotPrepared -- Dropping old table after migration, table name is safely constructed
+                    // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.DirectDatabaseQuery.SchemaChange,WordPress.DB.PreparedSQL.InterpolatedNotPrepared,PluginCheck.Security.DirectDB.UnescapedDBParameter -- Dropping old table after migration, table name is safely constructed from prefix
                     $wpdb->query("DROP TABLE IF EXISTS `{$old_table}`");
+                }
 …
                 LIMIT %d OFFSET %d";
         // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- $sql contains sanitized dynamic content, $where_values properly prepared
         return $wpdb->get_results($wpdb->prepare($sql, $where_values)); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching
+        // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,PluginCheck.Security.DirectDB.UnescapedDBParameter -- $sql contains sanitized dynamic content, $where_values properly prepared
+        return $wpdb->get_results($wpdb->prepare($sql, $where_values));
+    }
 …
         if (!empty($where_values)) {
+            return $wpdb->query($wpdb->prepare($sql, $where_values)); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching
+            // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,PluginCheck.Security.DirectDB.UnescapedDBParameter -- $sql is safely constructed, $where_values properly prepared
+            return $wpdb->query($wpdb->prepare($sql, $where_values));
         } else {
+            return $wpdb->query($sql); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching
+            // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,PluginCheck.Security.DirectDB.UnescapedDBParameter -- $sql is safely constructed with only hardcoded WHERE clause
+            return $wpdb->query($sql);
+        }
+    }
 …
             $query = $base_query . " WHERE (u.user_login LIKE %s OR u.user_email LIKE %s OR u.display_name LIKE %s) ORDER BY u.user_login ASC";
             // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.PreparedSQL.NotPrepared -- Querying custom devices table for admin interface with search, query properly prepared with placeholders
+            // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.PreparedSQL.NotPrepared,PluginCheck.Security.DirectDB.UnescapedDBParameter -- Querying custom devices table for admin interface with search, query properly prepared with placeholders
             $prepared_query = $wpdb->prepare($query, $search_term, $search_term, $search_term);
             // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Query already prepared with placeholders above
+            // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared,PluginCheck.Security.DirectDB.UnescapedDBParameter -- Query already prepared with placeholders above
             $results = $wpdb->get_results($prepared_query);
         } else {
             $query = $base_query . " ORDER BY u.user_login ASC";
             // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.PreparedSQL.NotPrepared -- Querying custom devices table for admin interface, no placeholders needed
+            // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery,WordPress.DB.DirectDatabaseQuery.NoCaching,WordPress.DB.PreparedSQL.NotPrepared,PluginCheck.Security.DirectDB.UnescapedDBParameter -- Querying custom devices table for admin interface, no placeholders needed
             $results = $wpdb->get_results($query);
+        }

keyless-auth/trunk/includes/Core/Notices.php

-                      r3380037
+                      r3393700
         $user_id = $current_user->ID;
+        // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound -- Internal prefixed hook with dynamic name
         do_action($this->notificationId . '_before_notification_displayed', $current_user, $pagenow);
 …
             // Check that the user hasn't already clicked to ignore the message
             if (!get_user_meta($user_id, $this->notificationId . '_dismiss_notification')) {
+                // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound -- Internal prefixed hook with dynamic name
                 $finalMessage = apply_filters(
                     $this->notificationId . '_notification_message',
+                    $this->notificationId . '_notification_message', // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound -- Internal prefixed hook with dynamic name
                     '<div class="' . esc_attr($this->notificationClass) . '">' . wp_kses_post($this->notificationMessage) . '</div>',
                     $this->notificationMessage
 …
                 echo wp_kses_post($finalMessage);
+            }
+            // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound -- Internal prefixed hook with dynamic name
             do_action($this->notificationId . '_notification_displayed', $current_user, $pagenow);
+        }
+        // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound -- Internal prefixed hook with dynamic name
         do_action($this->notificationId . '_after_notification_displayed', $current_user, $pagenow);
+    }
 …
         $user_id = $current_user->ID;
+        // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound -- Internal prefixed hook with dynamic name
         do_action($this->notificationId . '_before_notification_dismissed', $current_user);
 …
+        }
+        // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound -- Internal prefixed hook with dynamic name
         do_action($this->notificationId . '_after_notification_dismissed', $current_user);
+    }

keyless-auth/trunk/includes/Security/TwoFA/Core.php

-                      r3382345
+                      r3393700
             $login_url = class_exists('Chrmrtns\\KeylessAuth\\Admin\\Admin') ?
                 \Chrmrtns\KeylessAuth\Admin\Admin::get_login_url() : wp_login_url();
             wp_redirect($login_url);
+            wp_safe_redirect($login_url);
             exit;
+        }
 …
             $login_url = class_exists('Chrmrtns\\KeylessAuth\\Admin\\Admin') ?
                 \Chrmrtns\KeylessAuth\Admin\Admin::get_login_url() : wp_login_url();
             wp_redirect($login_url);
+            wp_safe_redirect($login_url);
             exit;
+        }
 …
     public function show_2fa_setup_page() {
         if (current_user_can('read')) {
             wp_redirect(admin_url('?chrmrtns_kla_setup_notice=1'));
+            wp_safe_redirect(admin_url('?chrmrtns_kla_setup_notice=1'));
             exit;
+        }
 …
         if (empty($code)) {
             wp_redirect(add_query_arg(array('action' => 'keyless-2fa-verify', 'error' => 'empty_code'), home_url()));
+            wp_safe_redirect(add_query_arg(array('action' => 'keyless-2fa-verify', 'error' => 'empty_code'), home_url()));
             exit;
+        }
 …
             wp_set_current_user($user_id, $user->user_login);
             wp_set_auth_cookie($user_id, true);
+            // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Core WordPress hook
             do_action('wp_login', $user->user_login, $user);
 …
+                }
                 wp_redirect($magic_login_data['redirect_url']);
+                wp_safe_redirect(wp_validate_redirect($magic_login_data['redirect_url'], admin_url()));
                 exit;
+            }
             wp_redirect(admin_url());
+            wp_safe_redirect(admin_url());
             exit;
         } else {
             $lockout_seconds = $this->totp->is_user_locked_out($user_id);
             $error = $lockout_seconds > 0 ? 'locked_out' : 'invalid_code';
             wp_redirect(add_query_arg(array('action' => 'keyless-2fa-verify', 'error' => $error), home_url()));
+            wp_safe_redirect(add_query_arg(array('action' => 'keyless-2fa-verify', 'error' => $error), home_url()));
             exit;
+        }
 …
         $_SESSION['chrmrtns_kla_2fa_user_id'] = $user_id;
         wp_redirect(home_url('/?action=keyless-2fa-verify'));
+        wp_safe_redirect(home_url('/?action=keyless-2fa-verify'));
         exit;
+    }
 …
             if (time() > $grace_end) {
                 wp_logout();
                 wp_redirect(add_query_arg('chrmrtns_kla_2fa_required', '1', wp_login_url()));
+                wp_safe_redirect(add_query_arg('chrmrtns_kla_2fa_required', '1', wp_login_url()));
                 exit;
+            }
 …
             if (time() > $grace_end) {
                 wp_redirect(home_url('/?action=keyless-2fa-setup'));
+                wp_safe_redirect(home_url('/?action=keyless-2fa-setup'));
                 exit;
+            }

keyless-auth/trunk/keyless-auth.php

-                      r3390737
+                      r3393700
 * Plugin URI: https://github.com/chrmrtns/keyless-auth
 * Description: Enhanced passwordless authentication with magic email links, two-factor authentication, SMTP integration, WooCommerce integration, and comprehensive security features for WordPress.
 * Version: 3.2.2
+* Version: 3.2.3
 * Author: Chris Martens
 * Author URI: https://github.com/chrmrtns
 …
 // Define plugin constants
 define('CHRMRTNS_KLA_VERSION', '3.2.1');
+define('CHRMRTNS_KLA_VERSION', '3.2.3');
 define('CHRMRTNS_KLA_PLUGIN_DIR', plugin_dir_path(__FILE__));
 define('CHRMRTNS_KLA_PLUGIN_URL', plugin_dir_url(__FILE__));

keyless-auth/trunk/readme.txt

-                      r3390737
+                      r3393700
 Requires at least: 3.9
 Tested up to: 6.8
 Stable tag: 3.2.2
+Stable tag: 3.2.3
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 …
 == Changelog ==
+= 3.2.3 =
+* SECURITY: Replaced all wp_redirect() with wp_safe_redirect() for enhanced security (21 occurrences)
+* SECURITY: Added wp_validate_redirect() validation for custom/external URLs with fallback to safe defaults
+* FIX: WordPress Plugin Check compliance - All redirect security warnings resolved
+* FIX: Core hook "wp_login" properly ignored with phpcs comment (WordPress core hook, not plugin hook)
+* IMPROVEMENT: Dynamic notification hooks properly documented with phpcs ignore comments
+* TECHNICAL: Custom redirect URLs from options now validated before redirect
+* TECHNICAL: Magic login redirect URLs from transients validated with fallback to admin_url()
+* TECHNICAL: All 4 files updated: Core.php (8 fixes), TwoFA/Core.php (11 fixes), Admin/Admin.php (1 fix), Notices.php (6 comments)
 = 3.2.2 =

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory