php.wordpress-plugins.security.audit.wp-authorisation-checks-audit.wp-authorisation-checks-audit
semgrep
Author
unknown
Download Count*
License
These are some of the patterns used for authorisation. Look properly if the authorisation is proper or not.
Run Locally
Run in CI
Defintion
rules:
- id: wp-authorisation-checks-audit
patterns:
- pattern: $FUNCTION(...)
- metavariable-regex:
metavariable: $FUNCTION
regex: current_user_can|is_admin|is_user_logged_in|is_user_admin
message: These are some of the patterns used for authorisation. Look properly if
the authorisation is proper or not.
paths:
include:
- wp-content/plugins/**/*.php
languages:
- php
severity: WARNING
metadata:
category: security
confidence: LOW
likelihood: LOW
impact: MEDIUM
subcategory:
- audit
technology:
- Wordpress Plugins
references:
- https://github.com/wpscanteam/wpscan/wiki/WordPress-Plugin-Security-Testing-Cheat-Sheet#authorisation
owasp:
- A01:2021 - Broken Access Control
cwe:
- "CWE-285: Improper Authorization"
license: Commons Clause License Condition v1.0[LGPL-2.1-only]
vulnerability_class:
- Improper Authorization
Examples
wp-authorisation-checks-audit.php
<?php
// ruleid: wp-authorisation-checks-audit
if ( is_admin() ) {
}
// ruleid: wp-authorisation-checks-audit
return is_user_logged_in() ? get_current_user_id() : '';
// ruleid: wp-authorisation-checks-audit
if ( ! current_user_can( 'install_languages' ) ) {
}
// ok: wp-authorisation-checks-audit
get_current_user_id();
?>
Short Link: https://sg.run/DqeP