I started to receive these WordPress URIs after someone read one of my WordPress posts. This confused me. These are connected to WordPress Failure Notices, but not quite.
The first part, wpcspReceiveCSPviol=1, was once used in a WordPress spoof to redirect people to some other site, but there was no other URL and no redirection.
POST /wp?wpcspReceiveCSPviol=1&wpCSPNonce=6606ca489f HTTP/1.1
It turned out that I had forgotten that I recently installed the WP Content Security Policy Plugin that has not been updated in 11 months. This plugin partially works, but is tested on WordPress 4.2.2 and not the most current version of WordPress. As recommended I had put it into monitor mode and left it. These POSTs showed up in my raw access log as well as the plugin’s log. If I put it into implement mode the plugin moves the right column to the left and breaks some CSS.
The plugin allows me to monitor my site for commonly used URLs so I can implement a Content Security Policy. If you do install this plugin and put it into observe mode, don’t be too surprised when you see these web URIs.
