The Donor Wall API endpoint should only be accessible from authenticated requests.
Currently, the donor wall is available via a public API endpoint. It should not be.
Ideally, only authenticated requests from the front end of WordPress should have access to that endpoint.
This is not a security issue, since none of the data on the endpoint would qualify as sensitive information, but it can be Personally Identifiable Information (PII).
Donors who select to be anonymous are not displayed on the Donor wall.
All of that to say, it would still make sense to restrict access to that endpoint, because some organizations may not use the Donor Wall at all, and currently that endpoint is publicly available regardless.
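One way the restriction requested above could look, as an added sketch that is not the plugin's own code: the route is registered only when the Donor Wall is in use, and its `permission_callback` requires the `wp_rest` nonce that the site's front end sends in the `X-WP-Nonce` header. The namespace, route, option name, filter name, `anonymous` key and all `example_*` functions are hypothetical.

```php
<?php
// Added illustration. Every example_* name, the route and the option are hypothetical.
add_action( 'rest_api_init', 'example_register_donor_wall_route' );

function example_register_donor_wall_route() {
	// Sites that do not use the Donor Wall never expose the route at all.
	if ( ! get_option( 'example_donor_wall_enabled', false ) ) {
		return;
	}
	register_rest_route(
		'example-donations/v1',
		'/donor-wall',
		array(
			'methods'             => WP_REST_Server::READABLE,
			'callback'            => 'example_get_donor_wall',
			'permission_callback' => 'example_donor_wall_permission',
		)
	);
}

// Reject requests that do not carry a valid REST nonce issued by this site.
function example_donor_wall_permission( WP_REST_Request $request ) {
	$nonce = $request->get_header( 'X-WP-Nonce' );
	if ( empty( $nonce ) || ! wp_verify_nonce( $nonce, 'wp_rest' ) ) {
		return new WP_Error(
			'example_donor_wall_forbidden',
			'The donor wall is only available to the site front end.',
			array( 'status' => rest_authorization_required_code() )
		);
	}
	return true;
}

function example_get_donor_wall( WP_REST_Request $request ) {
	// Hypothetical data source: each donor is an array with an 'anonymous' flag.
	$donors = apply_filters( 'example_donor_wall_donors', array() );
	// Anonymous donors are never returned, matching the wall's display rule.
	$visible = array_filter(
		$donors,
		function ( $donor ) {
			return empty( $donor['anonymous'] );
		}
	);
	return rest_ensure_response( array_values( $visible ) );
}
```

The front-end script would obtain the nonce from `wp_create_nonce( 'wp_rest' )`, for example via `wp_localize_script()`. For logged-out visitors that nonce is not tied to an individual session and is readable in the page source, so this check limits direct access to the endpoint rather than identifying the caller.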