Securing Plugin Data in WordPress From Access by Other Plugins?
Posted
by farinspace
on Stack Overflow
See other posts from Stack Overflow
or by farinspace
Published on 2010-06-10T06:15:54Z
Indexed on
2010/06/10
10:32 UTC
Read the original article
Hit count: 296
There probably is some solution to this, whether it involves code running on just the wordpress installation or a combination of a wordpress installation and a master server I am not sure yet, but please remember not to have tunnel vision and consider any and all possible solutions:
The scenario is this: A WordPress plugin (plugin-A) that manages some sort of valuable data (something that the admin would not want stolen), lets say, lead data with user's name and email addresses, the plugin uses its own db tables.
Other than the obvious (which is the admin installing plugin-B, not knowing its malicious intent), what is to prevent another WordPress plugin (plugin-B) from accessing plugin-A data or hacking plugin-A files to circumvent security.
© Stack Overflow or respective owner