Security Considerations

How Developer Sitemap protects your site and data.

Security Principles

Developer Sitemap follows WordPress security best practices:

  • Principle of Least Privilege — Only administrators can access settings
  • Defense in Depth — Multiple layers of input validation
  • Fail Secure — Errors default to safe behavior
  • Data Minimization — Only stores essential configuration

Access Control

Capability Requirements

Action                | Required Capability
View admin pages      | manage_options
Modify settings       | manage_options
Regenerate sitemap    | manage_options
View sitemap publicly | None (public access)

Nonce Verification

All form submissions verify WordPress nonces to prevent CSRF attacks:

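// Nonces are verified on every form submission.
// A missing _wpnonce field is treated as an empty (invalid) nonce.
$nonce = isset($_POST['_wpnonce']) ? sanitize_text_field(wp_unslash($_POST['_wpnonce'])) : '';
if (!wp_verify_nonce($nonce, 'developer_sitemap_settings')) {
    wp_die('Security check failed');
}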

Input Validation

All user input is validated and sanitized:

Input Type      | Validation Method
Checkbox values | sanitize_text_field(), cast to boolean
Priority values | Float validation, clamped to 0.0-1.0
Cache duration  | Integer validation, min/max bounds
Post IDs        | absint(), existence verification
Arrays          | array_map() with appropriate sanitizer

Output Escaping

All output is escaped to prevent XSS attacks:

Context         | Escaping Function
HTML output     | esc_html()
HTML attributes | esc_attr()
URLs            | esc_url()
JavaScript      | esc_js(), wp_json_encode()
XML content     | Custom XML escaping for sitemap protocol

Data Storage

What Is Stored

Data     | Location   | Purpose
Settings | wp_options | Configuration storage
Cache    | Transients | Performance optimization

What Is NOT Stored

  • User credentials
  • Personal information
  • External service tokens
  • Tracking or analytics data

Sitemap Security

Public vs. Private Content

The sitemap only includes publicly accessible content:

Content Type             | Included?
Published posts/pages    | Yes
Draft content            | No
Private posts            | No
Password-protected posts | No
Hidden products          | No

XML Injection Prevention

All sitemap content is escaped to prevent XML injection:

  • URLs are validated and encoded
  • Special characters are escaped
  • Invalid XML characters are removed
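
The three steps above, together with the priority clamp from the Input Validation table, as an added example that is not the plugin's own code. The function names, the http/https-only rule and the sample inputs are assumptions, and the URL is assumed to be percent-encoded already:

```php
<?php
// Added example: hypothetical helpers, not Developer Sitemap's own code.

/** Strip code points that XML 1.0 forbids, then entity-escape the rest. */
function example_xml_escape(string $text): string
{
    // Allowed by XML 1.0: tab, LF, CR and the ranges below. Everything else is removed.
    $clean = preg_replace(
        '/[^\x{9}\x{A}\x{D}\x{20}-\x{D7FF}\x{E000}-\x{FFFD}\x{10000}-\x{10FFFF}]/u',
        '',
        $text
    );
    if ($clean === null) {
        return ''; // invalid UTF-8: fail secure and emit nothing
    }
    // ENT_XML1 | ENT_QUOTES escapes & < > " and ' (as &apos;).
    return htmlspecialchars($clean, ENT_XML1 | ENT_QUOTES, 'UTF-8');
}

/** Build one <url> element, or return null when the URL must not be listed. */
function example_sitemap_url_entry(string $url, float $priority): ?string
{
    $parts = parse_url($url);
    if ($parts === false
        || !isset($parts['scheme'], $parts['host'])
        || !in_array(strtolower($parts['scheme']), ['http', 'https'], true)
    ) {
        return null; // not an absolute http(s) URL: skip the entry
    }
    $priority = max(0.0, min(1.0, $priority)); // clamp to 0.0-1.0
    // %F is locale-independent, so the decimal separator is always "."
    return sprintf(
        '<url><loc>%s</loc><priority>%.1F</priority></url>',
        example_xml_escape($url),
        $priority
    );
}

// Constructed sample inputs.
$samples = [
    ["https://example.com/?a=1&b=<x>\x00", 1.7], // special chars, NUL, out-of-range priority
    ['mailto:user@example.com', 0.5],            // no host, wrong scheme
];
foreach ($samples as [$url, $priority]) {
    var_dump(example_sitemap_url_entry($url, $priority));
}
```

Returning null for a rejected URL lets the caller drop the entry instead of writing a partial or unescaped element into the sitemap.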

Uninstall Cleanup

When uninstalled, the plugin removes all data:

  • All plugin options from wp_options
  • All cached transients
  • No orphaned data remains

Reporting Vulnerabilities

If you discover a security vulnerability, please report it responsibly:

  1. Do not disclose publicly until fixed
  2. Email security concerns to the plugin author
  3. Include detailed reproduction steps
  4. Allow reasonable time for response