* Added additional nonce coverage

JWardee · Jan 12, 2024 · b567876 · b567876
1 parent 2b8d3dc
commit b567876
Show file tree

Hide file tree

Showing 6 changed files with 31 additions and 6 deletions.
diff --git a/WpMailCatcher.php b/WpMailCatcher.php
@@ -6,7 +6,7 @@
 Domain Path: /languages
 Description: Logging your mail will stop you from ever losing your emails again! This fast, lightweight plugin (under 140kb in size!) is also useful for debugging or backing up your messages.
 Author: James Ward
-Version: 2.1.6
+Version: 2.1.7
 Author URI: https://jamesward.io
 Donate link: https://paypal.me/jamesmward
 */

diff --git a/build/grunt/package.json b/build/grunt/package.json
@@ -1,6 +1,6 @@
 {
   "name": "WpMailCatcher",
-  "version": "2.1.6",
+  "version": "2.1.7",
   "lang_po_directory": "../../languages",
   "build_directory": "./..",
   "dist_directory": "../../assets",

diff --git a/readme.txt b/readme.txt
@@ -4,7 +4,7 @@ Tags: mail logging, email log, email logger, logging, email logging, mail, crm
 Requires at least: 4.7
 Tested up to: 6.4
 Requires PHP: 7.4
-Stable tag: 2.1.6
+Stable tag: 2.1.7
 License: GNU General Public License v3.0
 License URI: https://raw.githubusercontent.com/JWardee/wp-mail-catcher/master/LICENSE
 Donate link: https://paypal.me/jamesmward
@@ -94,6 +94,10 @@ Great! Please leave a note in our (GitHub tracker)
 
 == Changelog ==
 
+= 2.1.7 =
+
+- Security: Added additional nonce checks to setting actions
+
 = 2.1.6 =
 
 - Fix: Logs not appearing in WP versions under 6.2

diff --git a/src/Bootstrap.php b/src/Bootstrap.php
@@ -133,6 +133,10 @@ public function route()
         if (current_user_can(Settings::get('default_view_role'))) {
             /** Perform database upgrade */
             if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'upgrade-database') {
+                if (!wp_verify_nonce($_REQUEST['_wpnonce'], 'upgrade-database')) {
+                    wp_die(GeneralHelper::$failedNonceMessage);
+                }
+
                 DatabaseUpgradeManager::getInstance()->doUpgrade();
                 GeneralHelper::redirectToThisHomeScreen();
             }
@@ -231,6 +235,10 @@ public function route()
 
         if (current_user_can(Settings::get('default_settings_role'))) {
             if (isset($_REQUEST['action']) && $_REQUEST['action'] === 'rerun-migrations') {
+                if (!wp_verify_nonce($_REQUEST['_wpnonce'], 'rerun_migrations')) {
+                    wp_die(GeneralHelper::$failedNonceMessage);
+                }
+
                 DatabaseUpgradeManager::getInstance()->doUpgrade(true);
                 GeneralHelper::redirectToThisHomeScreen([
                     'trigger-rerun-migration-success' => true,
@@ -239,6 +247,10 @@ public function route()
             }
 
             if (isset($_REQUEST['action']) && $_REQUEST['action'] === 'trigger-auto-delete') {
+                if (!wp_verify_nonce($_REQUEST['_wpnonce'], 'trigger_auto_delete')) {
+                    wp_die(GeneralHelper::$failedNonceMessage);
+                }
+
                 ExpiredLogManager::removeExpiredLogs();
                 GeneralHelper::redirectToThisHomeScreen([
                     'trigger-auto-delete-success' => true,

diff --git a/src/Views/Log.php b/src/Views/Log.php
@@ -31,7 +31,10 @@
                              to perform the upgrade.</strong>',
                             'WpMailCatcher'
                         ),
-                        '?page=' . GeneralHelper::$adminPageSlug . '&action=upgrade-database'
+                        wp_nonce_url(
+                            '?page=' . GeneralHelper::$adminPageSlug . '&action=upgrade-database',
+                            'upgrade-database'
+                        )
                     );
                     ?>
                 </p>

diff --git a/src/Views/Settings.php b/src/Views/Settings.php
@@ -132,7 +132,10 @@
                                     </span>
                                 </label>
                                 <?php if (isset($cronJobs[0])) :
-                                    $href = '?page=' . GeneralHelper::$adminPageSlug . '&action=trigger-auto-delete';
+                                    $href = wp_nonce_url(
+                                        '?page=' . GeneralHelper::$adminPageSlug . '&action=trigger-auto-delete',
+                                        'trigger_auto_delete'
+                                    );
                                     ?>
                                     <p class="description">
                                         <?php
@@ -158,7 +161,10 @@
                         <td>
                             <p class="description">
                                 <?php
-                                $href = '?page=' . GeneralHelper::$adminPageSlug . '&action=rerun-migrations';
+                                $href = wp_nonce_url(
+                                    '?page=' . GeneralHelper::$adminPageSlug . '&action=rerun-migrations',
+                                    'rerun_migrations'
+                                );
                                 printf(
                                     __(
                                         '%s. <a href="' . $href . '">Rerun migrations</a>',