Fixes #1002 - Addressing the Path Traversal issue in apple-news.php on line 43, as reported.
Overview
Addresses the issue found in #1002 by going a step further and standardizing path computation across the codebase. Where files exist in the same folder or below the current file, __DIR__ is used. Where they exist in part of the tree that branches above the current directory, dirname is used to traverse upwards rather than ...
Background
Protection rules on the server do not allow for the plugin activation because of Path Traversal issue discovered in apple-news.php file on line 43.
Warning: require_once(/var/www/wp-content/plugins/publish-to-apple-news/./includes/meta.php): Failed to open stream: No such file or directory in /var/www/wp-content/plugins/publish-to-apple-news/apple-news.php on line 43
Fatal error: Uncaught Error: Failed opening required '/var/www/wp-content/plugins/publish-to-apple-news/./includes/meta.php' (include_path='.')
in /var/www/wp-content/plugins/publish-to-apple-news/apple-news.php on line 43
Summary
Fixes #1002 - Addressing the Path Traversal issue in apple-news.php on line 43, as reported.
Overview
Addresses the issue found in #1002 by going a step further and standardizing path computation across the codebase. Where files exist in the same folder or below the current file,
__DIR__is used. Where they exist in part of the tree that branches above the current directory,dirnameis used to traverse upwards rather than...Background
Protection rules on the server do not allow for the plugin activation because of Path Traversal issue discovered in apple-news.php file on line 43. Warning: require_once(/var/www/wp-content/plugins/publish-to-apple-news/./includes/meta.php): Failed to open stream: No such file or directory in /var/www/wp-content/plugins/publish-to-apple-news/apple-news.php on line 43 Fatal error: Uncaught Error: Failed opening required '/var/www/wp-content/plugins/publish-to-apple-news/./includes/meta.php' (include_path='.') in /var/www/wp-content/plugins/publish-to-apple-news/apple-news.php on line 43
Steps To Reproduce
Plugin activation action.