Fix security vulnerability in admin modules

- The Module\BaseAdmin::post method checked credentials but didn't abort the process when it failed - Created Module\BaseAdmin::checkAdminAccess method
2025-06-08 13:14:27 +02:00 · 2020-09-08 10:44:27 -04:00 · 2020-09-08 10:44:27 -04:00 · 3efa8648c5
commit 3efa8648c5
parent 9bc2c5a52e
12 changed files with 29 additions and 36 deletions
--- a/src/Module/Admin/PhpInfo.php
+++ b/src/Module/Admin/PhpInfo.php
@ -27,7 +27,7 @@ class PhpInfo extends BaseAdmin
 {
 	public static function rawContent(array $parameters = [])
 	{
-		parent::rawContent($parameters);
+		self::checkAdminAccess();

 		phpinfo();
 		exit();