[wp-trac] [WordPress Trac] #61706: Support for storing and getting encrypted options
WordPress Trac
noreply at wordpress.org
Fri Jul 19 06:56:32 UTC 2024
#61706: Support for storing and getting encrypted options
-------------------------+-----------------------------
Reporter: vedjain | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Keywords:
Focuses: |
-------------------------+-----------------------------
This trac ticket is to see if there's any interest in adding support for
encrypted options. Essentially, plugins like WooCommerce store a lot of
sensitive data that has implications beyond just the site, such as Payment
Gateway API Keys, and other integration keys with adjacent systems.
If we had support for encrypted options, that encrypt values from a salt
that's stored in a code file such as wp-config, it would add one more hoop
for a malicious actor to jump through in case of inadvertent data
exposure. That is, a malicious actor would need access to both data as
well as code files to decrypt sensitive values.
The API itself could be as simple as `get_encrypted_option` or
`set_encrypted_option` with a param to migrate an option on the fly. I'd
happy to contribute PR/patches towards this, if we consider this feature.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61706>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list