Open bobbingwide opened 4 years ago
The password field on the WordPress login form is called `pwd`.
At trace startup this may be traced as part of the `$_REQUEST` and `$_POST` arrays.
```text
wp-content\plugins\oik-bwtrace\includes\class-BW-trace-controller.php(414:0) trace_startup(2) 3 0 2019-12-05T10:00:56+00:00 0.002429 0.000441 cf! 15 1 0 2097152/2097152 256M F=187 _REQUEST Array
(
    [log] => username
    [pwd] => password
    [rememberme] => forever
    [wp-submit] => Log In
    [redirect_to] => https://s.b/wordpress/wp-admin/
    [testcookie] => 1
)
```
For Add New user, two passwords are sent in `pass1` and `pass2`.
```text
wp-content/plugins/oik-bwtrace/includes/class-BW-trace-controller.php(414:0) trace_startup(2) 8 0 2019-12-05T10:14:31+00:00 0.005290 0.000166 cf! 16 1 0 2097152/2097152 256M F=188 _REQUEST Array
(
    [action] => createuser
    [_wpnonce_create-user] => 2bf2e6ad18
    [_wp_http_referer] => /wordpress/wp-admin/user-new.php
    [user_login] => username@example.com
    [email] => username@example.com
    [first_name] => User
    [last_name] => Name
    [url] => https://example.com
    [pass1] => password
    [pass2] => password
    [role] => subscriber
    [ure_other_roles] =>
    [createuser] => Add New User
)
```
The encrypted password is stored in the `wp_users` table.
Tracing of the saved_queries can reveal this value when a new user is created, e.g. `$P$BSXeW6bkh846/3xYHXXXBnPAL10/4b0`.
Posts can also be password protected.
There are instances where tracing could log secret information. This is not a major problem in a development environment but would be an issue in staging or live if the trace files directory is web accessible.
What are the sensible options?
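One defensive option for the question above, added here as an example and not code from the oik-bwtrace plugin: run the request arrays and saved queries through a redaction pass before they are written to the trace file. The `bw_trace_*` function names, the list of sensitive keys and the key patterns are assumptions based on the fields named in this issue.

```php
<?php
// Added example (not oik-bwtrace code): redact secrets before tracing.

// Exact keys that must never reach the trace file (assumed list, taken from
// the WordPress fields mentioned in the issue; extend as needed).
const BW_TRACE_SECRET_KEYS = [ 'pwd', 'pass1', 'pass2', 'post_password', 'user_pass' ];

// Substrings that mark any other key as sensitive, e.g. "_wpnonce_create-user".
const BW_TRACE_SECRET_PATTERNS = [ 'pass', 'pwd', 'nonce', 'secret', 'token' ];

function bw_trace_is_secret_key( string $key ): bool {
	if ( in_array( $key, BW_TRACE_SECRET_KEYS, true ) ) {
		return true;
	}
	foreach ( BW_TRACE_SECRET_PATTERNS as $needle ) {
		if ( stripos( $key, $needle ) !== false ) {
			return true;
		}
	}
	return false;
}

// Returns a redacted copy of $data (e.g. $_REQUEST or $_POST), recursing into
// nested arrays. The superglobal itself is not modified, so the login or
// user creation request still works normally.
function bw_trace_redact( array $data ): array {
	$out = [];
	foreach ( $data as $key => $value ) {
		if ( is_array( $value ) ) {
			$out[ $key ] = bw_trace_redact( $value );
		} elseif ( bw_trace_is_secret_key( (string) $key ) ) {
			$out[ $key ] = '[REDACTED]';
		} else {
			$out[ $key ] = $value;
		}
	}
	return $out;
}

// Masks stored password hashes in saved queries such as INSERT INTO wp_users.
// Matches the phpass "$P$" format shown in the issue (assumed: 31 characters
// of [./0-9A-Za-z] after the prefix); other hash formats would need their own pattern.
function bw_trace_redact_query( string $sql ): string {
	return preg_replace( '/\$P\$[A-Za-z0-9.\/]{31}/', '[REDACTED-HASH]', $sql );
}

// Constructed sample mirroring the login trace above.
$sample = [ 'log' => 'username', 'pwd' => 'password', 'rememberme' => 'forever' ];
print_r( bw_trace_redact( $sample ) );
```

Applying the filter at the point where `_REQUEST` is dumped means the trace still shows which fields were submitted, only the values are masked.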