[wp-trac] [WordPress Trac] #20195: Plugins uninstall.php

WordPress Trac wp-trac at lists.automattic.com
Mon Apr 30 18:56:02 UTC 2012


#20195: Plugins uninstall.php
--------------------------+------------------------------
 Reporter:  wpsmith       |       Owner:
     Type:  enhancement   |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Plugins       |     Version:
 Severity:  major         |  Resolution:
 Keywords:  dev-feedback  |
--------------------------+------------------------------

Comment (by wpsmith):

 Using the constant WP_UNINSTALL_PLUGIN is a good idea. It definitely
 prevents one from accessing the file directly. However, any plugin can set
 WP_UNINSTALL_PLUGIN and uninstall plugins at their leisure without using
 WP_Filesystem, which granted may not be secure, but it is also not the
 best or recommended method. I was just thinking that a little hardening
 wouldn't hurt.

 I would also like to second scribu's suggestion to enable to customize the
 uninstall with a custom message.

 Replying to [comment:5 nacin]:
 > Replying to [comment:4 lightningspirit]:
 > > As they have access to a fully loaded WordPress environment they can
 ''fully'' execute uninstall.php. That can be a security break. I think we
 should check for referer or use the nonces API too...
 >
 > No, this is not a security breach. The security breach is having access
 to a fully loaded environment in the first place. Once they are there,
 they can also fully execute raw database queries and delete files all they
 want. Forget uninstall.php, how about $wpdb->query("DROP TABLE
 $wpdb->posts")?

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/20195#comment:6>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list