Fix vulnerability
khromov committed Feb 23, 2022
1 parent 94094e0 commit ad4ba17
Showing 2 changed files with 15 additions and 6 deletions.
15 changes: 10 additions & 5 deletions english-wp-admin.php
Expand Up @@ -3,7 +3,7 @@
Plugin Name: English WordPress Admin
Plugin URI: http://wordpress.org/plugins/english-wp-admin
Description: Lets users change their administration language to English
Version: 1.5.1
Version: 1.5.2
Author: khromov
Author URI: http://snippets.khromov.se
GitHub Plugin URI: khromov/wp-english-wp-admin
Expand Down Expand Up @@ -89,15 +89,17 @@ function register_endpoints()
{
//We're in admin
if(is_admin()) {
//Is the GET variable set?
if(isset($_GET['admin_custom_language_toggle'])) {

//Is the GET variables required set?
if(isset($_GET['admin_custom_language_toggle']) && isset($_GET['nonce'])) {

//Cast variable
$cookie_value = intval($_GET['admin_custom_language_toggle']);

//Set cookie
$cookie_value === 1 ? $this->set_cookie(1) : $this->set_cookie(0);

if(isset($_GET['admin_custom_language_return_url'])) {
if(isset($_GET['admin_custom_language_return_url']) && wp_verify_nonce( $_GET['nonce'], 'english_wordpress_admin_redirect')) {
wp_redirect(urldecode($_GET['admin_custom_language_return_url']));
}
else {
Expand Down Expand Up @@ -254,12 +256,15 @@ function admin_bar($wp_admin_bar)
{
//We're in admin and this is not a WPML install
if(is_admin() && apply_filters('english_wordpress_admin_show_admin_bar', true) === true) {

//Sets up the toggle link
$toggle_nonce = wp_create_nonce('english_wordpress_admin_redirect');

if($this->in_url_whitelist()) {
$toggle_href = plugin_dir_url( __FILE__ ) . 'readme.txt';
}
else {
$toggle_href = admin_url('?admin_custom_language_toggle=' . ($this->english_admin_enabled() ? '0' : '1') . '&admin_custom_language_return_url=' . urlencode((is_ssl() ? 'https' : 'http') . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]));
$toggle_href = admin_url('?admin_custom_language_toggle=' . ($this->english_admin_enabled() ? '0' : '1') . '&nonce=' . $toggle_nonce . '&admin_custom_language_return_url=' . urlencode((is_ssl() ? 'https' : 'http') . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]));
}

//Create toggle title
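Review bot: The nonce is verified only on the redirect line `if(isset($_GET['admin_custom_language_return_url']) && wp_verify_nonce( $_GET['nonce'], 'english_wordpress_admin_redirect'))`, but `set_cookie()` has already run two lines earlier, so a request that carries any `nonce` value still toggles the admin-language cookie without a valid token. Move the check into the outer condition, `if(isset($_GET['admin_custom_language_toggle']) && isset($_GET['nonce']) && wp_verify_nonce($_GET['nonce'], 'english_wordpress_admin_redirect')) {`, and keep only the `isset` test on the inner `if`. The redirect target is still request-supplied; `wp_safe_redirect($_GET['admin_custom_language_return_url'])` would restrict it to the site's allowed hosts, and the `urldecode()` can be dropped because PHP has already decoded `$_GET`, so decoding a second time lets doubly-encoded input through. What happens when the nonce fails is the `else` branch that continues outside the hunk, as does the rest of register_endpoints.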
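--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: khromov
 Tags: english, wpml, multilanguage
 Requires at least: 3.5
 Tested up to: 5.3
-Stable tag: 1.5.1
+Stable tag: 1.5.2
 License: GPL2
 
 Lets users change their administration language to English
@@ -100,6 +100,10 @@ You can leave feature requests in the plugin support forum.
 
 == Changelog ==
 
+= 1.5.2 =
+
+* Fix for unauthenticated open redirect vulnerability
+
 = 1.5.1 =
 
 * Fix for PHP 5.2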
