Status: Open
Labels: bug (Something isn't working)
Description
- I've read and understood the contribution guidelines.
- I've searched for any related issues and avoided creating a duplicate issue.
Please give us a description of what happened
The plugin uses `wp_redirect()` with user-influenced URLs, `parse_url()` instead of `wp_parse_url()`, and unsanitized `$_SERVER['REQUEST_URI']` and `$_SERVER['HTTP_ACCEPT']`. That can introduce an open redirect risk, inconsistent behavior across PHP versions, and potential misuse of untrusted input.
To Reproduce
Step-by-step reproduction instructions
- Install and activate the plugin.
- Visit a `.md` URL or trigger the Accept header negotiation path.
- Observe that redirects and URL handling rely on `wp_redirect()`, `parse_url()`, and raw `$_SERVER` values without sanitization.
Expected results
- Redirects use `wp_safe_redirect()` to avoid open redirects.
- URL parsing uses `wp_parse_url()` for consistency across PHP versions.
- Input from `$_SERVER` is sanitized with `wp_unslash()` and `sanitize_text_field()` (or equivalent).
- URLs built from user input use `esc_url_raw()` where appropriate.
Actual results
- `wp_redirect()` is used for URLs that can be influenced by request data.
- `parse_url()` is used instead of `wp_parse_url()`.
- `$_SERVER['REQUEST_URI']` and `$_SERVER['HTTP_ACCEPT']` are used without sanitization.
- URLs are not consistently escaped.
Screenshots, screen recording, code snippet
If possible, please provide a screenshot, a screen recording or a code snippet which demonstrates the bug.
Code snippets showing current usage in RewriteHandler.php:
- `wp_redirect()` with redirect URLs based on `$_SERVER['REQUEST_URI']`
- `parse_url($request_uri, PHP_URL_PATH)` and `parse_url($request_uri, PHP_URL_QUERY)`
- `$_SERVER['REQUEST_URI'] ?? ''` and `$_SERVER['HTTP_ACCEPT'] ?? ''` without sanitization
Technical info
- If relevant, which editor is affected (or editors):
- Block Editor
- Gutenberg Editor
- Elementor Editor
- Classic Editor
- Other:
- Which browser is affected (or browsers):
- Chrome
- Firefox
- Safari
- Other:
Used versions
- Device you are using:
- Operating system:
- PHP version:
- WordPress version:
- WordPress Theme:
- Plugin version:
- Relevant plugins in case of a bug:
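Added example, not code from the plugin's `RewriteHandler.php` and not part of the report above: a hypothetical handler with the shape the report describes (raw `$_SERVER` values, PHP `parse_url()`, `wp_redirect()`), followed by the hardened form the Expected results ask for. The function names, the `template_redirect` hook, and the "strip `.md` and redirect when the client accepts `text/markdown`" logic are assumptions made for illustration; only the WordPress API calls are real.

```php
<?php
/**
 * Illustration for this report, not the plugin's own code. The function names,
 * the hook and the ".md"/Accept-header logic are assumptions modelled on the
 * pattern described above.
 */

/** Shape as reported: raw $_SERVER values, PHP parse_url(), wp_redirect(). */
function md_redirect_as_reported() {
    $request_uri = $_SERVER['REQUEST_URI'] ?? '';   // raw request target, not unslashed or sanitized
    $accept      = $_SERVER['HTTP_ACCEPT'] ?? '';

    $path = parse_url( $request_uri, PHP_URL_PATH ); // false/null on input parse_url() rejects
    if ( ! is_string( $path ) || '.md' !== substr( $path, -3 ) ) {
        return;
    }
    if ( false === strpos( $accept, 'text/markdown' ) ) {
        return;
    }

    // The target is built from the raw request target. For a request line such as
    //   GET //attacker.example/post.md HTTP/1.1
    // REQUEST_URI is "//attacker.example/post.md", so the Location header becomes the
    // protocol-relative "//attacker.example/post", which browsers follow off-site.
    $target = preg_replace( '/\.md(?=\?|$)/', '', $request_uri );
    wp_redirect( $target );   // no host validation
    exit;
}

/** Hardened form: unslash, wp_parse_url(), allowlisted path, rebuilt on home_url(), wp_safe_redirect(). */
function md_redirect_hardened() {
    // wp_unslash() first: WordPress adds slashes to the superglobals. sanitize_text_field()
    // is fine for the Accept header, but it strips percent-encoded octets, so the request
    // target is validated structurally below instead of being run through it.
    $request_uri = wp_unslash( $_SERVER['REQUEST_URI'] ?? '' );
    $accept      = sanitize_text_field( wp_unslash( $_SERVER['HTTP_ACCEPT'] ?? '' ) );

    if ( false === strpos( $accept, 'text/markdown' ) ) {
        return;
    }

    // wp_parse_url() smooths over PHP-version differences for scheme-less input. Taking the
    // path from the parsed result discards a host smuggled in via "//host/..." or an
    // absolute URL in the request line, so it cannot be echoed into Location.
    $path  = wp_parse_url( $request_uri, PHP_URL_PATH );
    $query = wp_parse_url( $request_uri, PHP_URL_QUERY );
    if ( ! is_string( $path )
        || ! preg_match( '#^/[A-Za-z0-9._/-]+\.md$#', $path )
        || false !== strpos( $path, '//' )
        || false !== strpos( $path, '..' ) ) {
        return;
    }

    // Rebuild the target on the site's own origin from the vetted path only.
    $target = home_url( substr( $path, 0, -3 ) );
    if ( is_string( $query ) && '' !== $query ) {
        $target .= '?' . $query;
    }
    $target = esc_url_raw( $target );

    // wp_safe_redirect() runs wp_validate_redirect(): a host outside the site's own
    // (plus the allowed_redirect_hosts filter) falls back to admin_url() instead.
    wp_safe_redirect( $target, 301 );
    exit;
}

add_action( 'template_redirect', 'md_redirect_hardened' );
```

Two caveats worth keeping in mind when applying the Expected results literally. `sanitize_text_field()` removes `%xx` sequences, so running `REQUEST_URI` through it would corrupt percent-encoded paths such as `/caf%C3%A9.md`; for the request target, unslashing, parsing with `wp_parse_url()` and allowlisting the path is the safer equivalent. And `wp_safe_redirect()` does not fail closed: an off-site host is silently replaced by the fallback URL, so rebuilding the target from the parsed path (as above) is what actually keeps the redirect on the intended page. Whether the plugin's real code is reachable with a protocol-relative request target depends on code not quoted in this report.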