fix: security audit round 2 - XSS, JSON-LD injection, die() replacement#230

Merged
sushmak02 merged 2 commits into release-candidate from fix/security-audit-round2 on Mar 10, 2026
Conversation

@akshayurankar48 (Contributor)

Summary

Fixes #229

  • Sanitize $_SERVER values in get_the_ip() to prevent XSS
  • Escape IP output in rating form hidden field
  • Use wp_json_encode with JSON_HEX_TAG to prevent JSON-LD script injection
  • Escape product_rating option output to prevent stored XSS
  • Replace die() with wp_send_json_error/wp_send_json_success in rating handlers
  • Sanitize nonce field in submit_color() before wp_verify_nonce()

Test plan

  • Submit a rating on frontend - verify it saves and response works
  • Check video schema output on a post with video type - verify valid JSON-LD
  • Save color customization in admin - verify AJAX response
  • Verify no regressions in schema output for Product type

🤖 Generated with Claude Code

akshayurankar48 and others added 2 commits March 6, 2026 13:22
- Sanitize $_SERVER values in get_the_ip() to prevent XSS
- Escape IP output in rating form hidden field
- Use wp_json_encode with JSON_HEX_TAG to prevent JSON-LD script injection
- Escape product_rating option output to prevent stored XSS
- Replace die() with wp_send_json_error/success in rating handlers
- Sanitize nonce field in submit_color before wp_verify_nonce

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

- Strip CRLF from name/email in From: header to prevent email header injection
- Replace die() with wp_send_json_success/error in submit_request() and submit_color()
- Add sanitize_text_field(wp_unslash()) around nonce values in admin/index.php form handlers

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
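The PR summary and the two commit messages above describe the same hardening patterns. As an added PHP example that is not the PR's or the project's own code, the following shows two of them: a client-IP helper that validates `$_SERVER` input before it reaches a hidden form field, and a JSON-LD emitter that uses `wp_json_encode()` with `JSON_HEX_TAG`. The function names and the `function_exists()` fallback shims are assumptions made so the file runs outside WordPress; `wp_json_encode()`, `esc_attr()` and `JSON_HEX_TAG` are real.

```php
<?php
// Added example, not the PR's own code: hardening patterns behind two of the
// fixes listed above; function names are hypothetical stand-ins.
// Fallbacks so this file runs under plain `php`; inside WordPress the real
// wp_json_encode() and esc_attr() are used instead.
if (!function_exists('wp_json_encode')) {
    function wp_json_encode($data, $flags = 0, $depth = 512) {
        return json_encode($data, $flags, $depth);
    }
}
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    }
}

// Client IP for a rating record. $_SERVER values such as X-Forwarded-For are
// request-controlled, so validate rather than trust (and only consult the
// forwarded header when a trusted proxy sets it). Returns '' if none is valid.
function example_client_ip(array $server): string {
    foreach (['HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR'] as $key) {
        if (empty($server[$key])) {
            continue;
        }
        // X-Forwarded-For may be a comma-separated chain; use the first hop.
        $candidate = trim(explode(',', (string) $server[$key])[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }
    return '';
}

// JSON-LD block for a video schema. The string values land inside <script>,
// where the HTML parser, not the JSON parser, decides what ends the element.
// JSON_HEX_TAG encodes < and > as \u003C and \u003E (JSON_HEX_AMP does the
// same for &), so no tag can form while the JSON stays valid for consumers.
function example_video_jsonld(array $schema): string {
    $json = wp_json_encode($schema, JSON_HEX_TAG | JSON_HEX_AMP);
    return '<script type="application/ld+json">' . $json . '</script>';
}

// Constructed inputs: a malformed forwarded header and a hostile description.
$server = ['HTTP_X_FORWARDED_FOR' => '</script>, 10.0.0.1', 'REMOTE_ADDR' => '203.0.113.5'];
$ip = example_client_ip($server);
echo '<input type="hidden" name="rating_ip" value="' . esc_attr($ip) . '">', "\n";
$schema = ['@context' => 'https://schema.org', '@type' => 'VideoObject',
           'description' => 'Demo </script><script>x'];
echo example_video_jsonld($schema), "\n";
```

The malformed forwarded value fails `FILTER_VALIDATE_IP`, so the helper falls back to `REMOTE_ADDR`, and the description's angle brackets are emitted as `\u003C`/`\u003E` inside the script element.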
@sushmak02 sushmak02 merged commit 5982d31 into release-candidate Mar 10, 2026
1 of 2 checks passed
@sushmak02 sushmak02 deleted the fix/security-audit-round2 branch March 10, 2026 05:35