security patch

oceanwp · Nov 27, 2023 · 0950483 · 0950483
1 parent 4e0ad32
commit 0950483
Show file tree

Hide file tree

Showing 7 changed files with 59 additions and 280 deletions.
diff --git a/changelog.txt b/changelog.txt
@@ -1,5 +1,8 @@
 == Changelog ==
 
+= 2.2.3 - NOV 27 2023 =
+- Fixed: Potential vulnerability patched. Report by Patchstack from Nov 23rd 2023.
+
 = 2.2.2 - NOV 14 2023 =
 - Added: Metabox Settings: Image Gallery support when Classic Editor plugin is in use.
 

diff --git a/includes/panel/assets/js/demos.js b/includes/panel/assets/js/demos.js
@@ -493,6 +493,7 @@
 				type: 'POST',
 				data: {
 					action : 'owp_ajax_required_plugins_activate',
+					_wpnonce: owpDemos.demo_plugins_activate_nonce,
 					init   : $init,
 				},
 			} ).done( function( result ) {
@@ -530,6 +531,7 @@
 					type: 'POST',
 					data: {
 						action : 'owp_ajax_required_plugins_activate',
+						_wpnonce: owpDemos.demo_plugins_activate_nonce,
 						init   : $init,
 					},
 				} ).done( function( result ) {

diff --git a/includes/panel/assets/js/demos.min.js b/includes/panel/assets/js/demos.min.js
diff --git a/includes/panel/demos.php b/includes/panel/demos.php
@@ -101,12 +101,13 @@ public static function scripts( $hook_suffix ) {
 				wp_enqueue_script( 'owp-demos-js', plugins_url( '/assets/js/demos.min.js', __FILE__ ), array( 'jquery', 'wp-util', 'updates' ), '1.1', true );
 
 				wp_localize_script( 'owp-demos-js', 'owpDemos', array(
-					'ajaxurl'                 => admin_url( 'admin-ajax.php' ),
-					'demo_data_nonce'         => wp_create_nonce( 'get-demo-data' ),
-					'owp_import_data_nonce'   => wp_create_nonce( 'owp_import_data_nonce' ),
-					'content_importing_error' => esc_html__( 'There was a problem during the importing process resulting in the following error from your server:', 'ocean-extra' ),
-					'button_activating'       => esc_html__( 'Activating', 'ocean-extra' ) . '&hellip;',
-					'button_active'           => esc_html__( 'Active', 'ocean-extra' ),
+					'ajaxurl'                     => admin_url( 'admin-ajax.php' ),
+					'demo_data_nonce'             => wp_create_nonce( 'get-demo-data' ),
+					'owp_import_data_nonce'       => wp_create_nonce( 'owp_import_data_nonce' ),
+					'demo_plugins_activate_nonce' => wp_create_nonce( 'demo_plugins_activate_nonce' ),
+					'content_importing_error'     => esc_html__( 'There was a problem during the importing process resulting in the following error from your server:', 'ocean-extra' ),
+					'button_activating'           => esc_html__( 'Activating', 'ocean-extra' ) . '&hellip;',
+					'button_active'               => esc_html__( 'Active', 'ocean-extra' ),
 				) );
 
 			}
@@ -1158,6 +1159,10 @@ public static function required_plugins( $plugins, $return ) {
 		 */
 		public function ajax_required_plugins_activate() {
 
+			if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'demo_plugins_activate_nonce' ) ) {
+				die( 'Permission check failed' );
+			}
+
 			if ( ! current_user_can( 'install_plugins' ) || ! isset( $_POST['init'] ) || ! $_POST['init'] ) {
 				wp_send_json_error(
 					array(