October 10, 2006

WordPress Plugin Security: Dangerous Combinations

Posted by: Aaron Brazell

I have wrestled with this question since the last entry in this series about WordPress plugin security. Because I know this series will be used as a resource for the larger WordPress community, I think it is necessary to abstract these issues enough that average non-technical users can understand them, without singling out one or two issues while leaving others unaddressed.

What is a dangerous combination?

Plugins that depend on user permissions
Plugins that grant registered users the ability to do something should be scrutinized. With the advent of the WordPress 2.x series, many plugins that worked in the 1.5.x stream no longer worked as expected. This was because WordPress 1.5 used User Levels, a range of numbers from 0 to 10 that gave people various levels of access. In WordPress 2, user levels were deprecated in favor of Roles and Capabilities, which give people roles such as Administrator, Editor, Author, Contributor or Subscriber.

Plugins that rely on user permissions can incorrectly grant access to functionality that is best left to an administrator. For instance, a plugin could place a submenu in the admin panel under the Manage or Options page that grants access to other features in those areas. By default, WordPress restricts access to these pages to privileged users. A poorly written plugin could throw all of that away.
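The pattern described above, as an added illustration (this is not code from the post or from any plugin it names): a plugin that registers a settings page under Options with the `read` capability, which every registered user including Subscribers holds, next to the same page registered with `manage_options` and re-checked inside the callback. It uses the current core WordPress API (`add_options_page`, `current_user_can`, `check_admin_referer`); the option name `example_value` and the menu slugs are assumptions for the example.

```php
<?php
/*
Plugin Name: Permissions Example (added illustration, not from the post)
*/

// WEAK: the page is registered with the 'read' capability. Every registered user,
// Subscribers included, has 'read', so anyone with an account reaches this page.
// Shown for contrast only; this menu is deliberately never hooked below.
function weak_plugin_menu() {
    add_options_page('Weak Settings', 'Weak Settings', 'read',
                     'weak-settings', 'weak_settings_page');
}
function weak_settings_page() {
    // No capability re-check here either: whoever reaches the page changes the option.
    if (isset($_POST['example_value'])) {
        update_option('example_value', $_POST['example_value']);
    }
    echo '<form method="post"><input name="example_value" /><input type="submit" /></form>';
}

// HARDENED: require 'manage_options' (Administrators only by default) when registering
// the menu, check it again inside the callback so the page cannot be reached another
// way, and verify a nonce before writing anything.
function safe_plugin_menu() {
    add_options_page('Safe Settings', 'Safe Settings', 'manage_options',
                     'safe-settings', 'safe_settings_page');
}
function safe_settings_page() {
    if (!current_user_can('manage_options')) {
        wp_die('You do not have permission to access this page.');
    }
    if (isset($_POST['example_value'])) {
        check_admin_referer('safe_settings_save');
        update_option('example_value', sanitize_text_field($_POST['example_value']));
    }
    echo '<form method="post">';
    wp_nonce_field('safe_settings_save');
    echo '<input name="example_value" value="'
         . esc_attr(get_option('example_value', '')) . '" />';
    echo '<input type="submit" value="Save" /></form>';
}
add_action('admin_menu', 'safe_plugin_menu');
```

The capability passed to `add_options_page` only controls whether the menu entry is shown and whether WordPress serves the page; the second `current_user_can` check inside the callback is what protects the action itself, and it is the line most often missing from plugins that "grant registered users the ability to do something".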

Careless Use of Role Manager
Owen Winkler wrote a popular plugin called Role Manager which, as powerful and useful as it is (I use it on some blogs), increases the chance of opening up a backdoor for a malicious user. I love this plugin because it gives me the opportunity to tweak user access to WordPress functionality. It even allows me to create whole new roles, such as “Designer”, that might give my designer access to the Presentation menu without granting full administrative privileges.

However, if I’m not careful, I could tweak permissions in such a way as to allow inappropriate access to areas of my blog. You may think that only a careless blogger allows anyone access to a blog. Some blogs legitimately restrict, say, commenting to registered users, and if a user is registered, they have access to a limited admin panel (mostly to change passwords and other user profile options). Use of the Role Manager plugin in conjunction with item #1 above, plugins that depend on user permissions, could open your blog up to a world of hurt.
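An added example of the check a site owner would want after creating custom roles (this is not code from the post or from the Role Manager plugin, and it does not use Role Manager's own interface): it creates a narrow “Designer” role with the core `add_role` function, then walks every non-administrator role and reports any that carries an administrator-grade capability. The list of capabilities treated as dangerous is constructed for the example; the role slug `designer` and the admin notice are assumptions.

```php
<?php
/*
Plugin Name: Role Capability Audit (added illustration, not from the post)
*/

// Capabilities that, if granted to a non-administrator role, let that user change
// code, settings or other users' accounts. Constructed list for this example.
function audit_dangerous_capabilities() {
    return array('manage_options', 'edit_users', 'delete_users', 'create_users',
                 'edit_plugins', 'edit_themes', 'edit_files', 'activate_plugins',
                 'install_plugins', 'install_themes', 'unfiltered_html',
                 'unfiltered_upload');
}

// A Designer role that can switch themes (the Presentation menu) but cannot edit
// theme files, change options or touch other users.
function create_designer_role() {
    if (get_role('designer') === null) {
        add_role('designer', 'Designer', array('read' => true, 'switch_themes' => true));
    }
}
add_action('init', 'create_designer_role');

// Returns array(role_slug => array(dangerous capabilities it holds)) for every role
// other than administrator. An empty array means no role needs attention.
function audit_roles() {
    $findings = array();
    foreach (wp_roles()->roles as $slug => $role) {
        if ($slug === 'administrator') {
            continue;
        }
        $granted = array();
        foreach (audit_dangerous_capabilities() as $cap) {
            if (!empty($role['capabilities'][$cap])) {
                $granted[] = $cap;
            }
        }
        if ($granted) {
            $findings[$slug] = $granted;
        }
    }
    return $findings;
}

// Surface the findings as an admin notice, visible to administrators only.
function audit_roles_notice() {
    if (!current_user_can('manage_options')) {
        return;
    }
    foreach (audit_roles() as $slug => $caps) {
        echo '<div class="notice notice-warning"><p>Role <strong>' . esc_html($slug)
             . '</strong> holds: ' . esc_html(implode(', ', $caps)) . '</p></div>';
    }
}
add_action('admin_notices', 'audit_roles_notice');
```

On a default single-site install the stock Editor role will be reported for `unfiltered_html`; that is core behaviour, and the point of the audit is to make you decide deliberately whether each reported capability belongs on that role rather than discovering it after a plugin such as the one in item #1 has relied on it.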

These are a few dangerous combinations. There are more and I could be even more specific. Maybe another post later on.

Table of contents for WordPress Plugin Security

  1. Understanding Implications of WordPress Plugin Security
  2. WordPress Plugin Security: The Golden Rule
  3. WordPress Plugin Security: What is Dangerous?
  4. WordPress Plugin Security: Dangerous Combinations
  5. WordPress Plugin Security: Less is More
About the Author: Aaron Brazell is the lead editor of Technosailor.com and a social media expert. His passion is to see companies and individuals use the internet and web technologies wisely and effectively to promote their brands and companies. He served as Director of Technology at b5media from 2005-2008 and is currently an independent consultant.
Posted at 11:17 pm

One Response to “WordPress Plugin Security: Dangerous Combinations”

  1. Understanding Implications of WordPress Plugin Security » Technology, Blogging and New Media Says:

     [...] WordPress Plugin Security: Bad Combinations Share this Post: These icons link to social bookmarking sites where readers can share and discover new web pages. [...]

     October 10th, 2006 at 11:19 pm

License: Creative Commons Attribution-Noncommercial-Share Alike 3.0 | Copyright © 2004 - 2008 Aaron Brazell