Security issue for Google permissions

  • Resolved pixel007

    (@pixel007)


    7 months, 1 week ago

    Greetings,
    I have a note about the security of your plugin.
    I’ll give you an example.
    My Google Analytics account is connected to the sites “aaa.com” and “bbb.com”.
    I am “admin123” of wordpress of the sites “aaa.com” and “bbb.com”, on which I have configured SiteKit.
    I am not the owner of the hosting on which the sites are installed, but I only access wordpress.
    “aaa-hosting-owner”, the owner of the “aaa.com” hosting, decides to exclude me from managing the site, but does not delete my account.
    Instead, through simple database changes, “aaa-hosting-owner” takes over my wordpress account “admin123”.
    (It’s really very simple. I don’t think I need to explain how to do it.)
    At this point, “aaa-hosting-owner” can access the wordpress site “aaa.com” with my previously “admin123” account and remove my Google Analytics account access from both “aaa.com” and “bbb .com”.
    Obviously “bbb.com” is not owned by “aaa-hosting-owner”, so you shouldn’t be able to unlink it.
    This to me is a very serious security issue.
    And it’s also why I can’t use Sitekit on sites I don’t host.
    I ask:
    1 – Have you considered this problem?
    2 – Is there a solution to avoid allowing these permissions?
    Thank you.
    PS: I hope I was clear and I apologize for the length of the post.

Viewing 1 replies (of 1 total)
  • Plugin Support Adam Dunnage

    (@adamdunnage)

    Hello @pixel007 thank you for getting in touch and raising your concerns for this particular scenario. You made yourself very clear so thank you for that. The overall access to an Analytics property cannot be changed from Site Kit. That is managed from the Analytics platform.

    So in your scenario the hosting owner would be able to take control of your account and therefor have access to Site Kit at that time which would be connected to an Analytics property that you are the owner of. If the hosting owner then decides to disconnect Analytics in Site Kit for that site it will simply just remove that property from the site. If you are the Analytics property owner, you still have control over that property and could revoke the hosting owners access to that property from your Analytics account. More information an Analytics access can be found here.

    I do see your concern in the case where the hosting owner takes control of your WordPress account and therefore has the ability to disconnect modules in Site Kit. That is something I can discuss with the team and if there are any updates I can provide from that I will share them here for you.

    Thanks again for raising this. Is there anything else I can help you with at this time?

Viewing 1 replies (of 1 total)
  • The topic ‘Security issue for Google permissions’ is closed to new replies.