WP Beacon

Mark Barnes

@mark8barnes · wordpress.org profile ↗
Member since
2006-01-20
Location
Clydach, Swansea, UK
Employer
Job title
Authored
6 (3 closed)
SVN commit access
5 (3 closed)
Readme contributor
0
Combined install base
160 across 6 plugins

Alerts (0)

No open alerts.

Show 1 resolved alert
Critical code_pattern TNG WordPress Integration Resolved · serialized_admin_role_tng_genealogy_sso_bridge_leg 1mo ago
Slugtng-wordpress-plugin
Patternserialized_admin_role
Kindbuiltin
Version10.1.4
Hit count1
First hit
File
tng.php
Line
478
Snippet
update_user_meta($wp_id, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');
Explanationplugin source contains `s:13:"administrator"` — the PHP-serialized representation of the `administrator` role meta value. Used to bypass `wp_insert_user()` by writing directly to `wp_usermeta` with a hand-crafted capabilities string. Near-zero FP because legit code uses `WP_User::set_role()` instead of building the serialized form by hand.
View raw JSON
{
    "slug": "tng-wordpress-plugin",
    "pattern": "serialized_admin_role",
    "kind": "builtin",
    "version": "10.1.4",
    "hit_count": 1,
    "first_hit": {
        "file": "tng.php",
        "line": 478,
        "snippet": "update_user_meta($wp_id, 'wp_capabilities', 'a:1:{s:13:\"administrator\";b:1;}');"
    },
    "explanation": "plugin source contains `s:13:\"administrator\"` \u2014 the PHP-serialized representation of the `administrator` role meta value. Used to bypass `wp_insert_user()` by writing directly to `wp_usermeta` with a hand-crafted capabilities string. Near-zero FP because legit code uses `WP_User::set_role()` instead of building the serialized form by hand."
}

Plugins authored (6)

Plugin Version Installs Last updated Status
TNG WordPress Integration ·tng-wordpress-plugin 10.1.4 100 2y ago Active
Quick Admin Links ·quick-admin-links 0.11 40 17y ago Active
Simple Events List ·simple-event-list 0.1 20 17y ago Active
Sermon Browser ·sermon-browser 0.45.22 Closed
Style Tweaker ·style-tweaker 0.11 Closed
Bible Text ·bible-text 0.2 Closed

SVN commit access (5)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
Sermon Browser mark8barnes 236 17y ago 7y ago Closed
TNG WordPress Integration mark8barnes 100 14 17y ago 16y ago Active
Quick Admin Links mark8barnes 40 7 17y ago 17y ago Active
Style Tweaker mark8barnes 6 17y ago 17y ago Closed
Bible Text mark8barnes 5 16y ago 8y ago Closed