Vulnerabilities Exists in Popular WordPress Plugins Too

https://secupress.me/blog/vulnerabilities-popular-wordpress-plugins/
Never assume that the best-known, most common, most used plugins are free of vulnerabilities, or the opposite. However, the more an extension evolves, the more it tends to “create” vulnerabilities and to patch them, and the less a plugin evolves, the more it tends to be discovered as a vulnerable one. Let’s take a […] The post Vulnerabilities Exists in Popular WordPress Plugins Too appeared first on SecuPress.

WPS Child Theme Generator v1.1 Multiples Vulnerabilities

https://secupress.me/blog/wps-child-theme-generator-v1-1-multiples-vulnerabilities/
WPS Limit Login is edited by WP Serveur, a French WordPress host. Criticality level for this update is high. Directory Traversal File: /classes/helpers.php Issue: Validation patterns (all) are a good idea and good UX, but they are not enough to guarantee that PHP will receive values matching their pattern. It’s possible to send […]

WPS Bidouille v1.12.2 Multiples Vulnerabilities

https://secupress.me/blog/wps-bidouille-v1-12-2-multiples-vulnerabilities/
WPS Limit Login is edited by WP Serveur, a French WordPress host. Criticality level for this update is medium. CSRF #1 File: /classes/plugin.php Lines 355-358 Function count_notif() Issue: Lack of a nonce token; this link can be given to a logged-in administrator or included in a hidden page using the POST method: https://example.com/wp-admin/admin-ajax.php?action=count_notif with […]

WPS Cleaner v1.4.4 Multiples Vulnerabilities

https://secupress.me/blog/wps-cleaner-v1-4-4-multiples-vulnerabilities/
WPS Limit Login is edited by WP Serveur, a French WordPress host. Criticality level for this update is high. Disclose File: /classes/plugin.php Line 1070: $files = esc_attr( $_POST['files'] ); Issue: No control of the sent IDs to be sure they are attached media, so the IDs can be changed to select any other (private […]

WPS Limit Login v1.4.5 Multiple Vulnerabilities

https://secupress.me/blog/wps-limit-login-v1-4-5-multiple-vulnerabilities/
WPS Limit Login is edited by WP Serveur, a French WordPress host. Criticality level for this update is medium. Protection ByPass File: /classes/plugin.php Method: get_address() Issue: This method reads the variable HTTP_X_FORWARDED_FOR which is, as its name says, cross data sent by the browser (HTTP X (X = Cross)). It’s enough to […]

WPS Hide Login v1.5.2.2 Multiples Vulnerabilities

https://secupress.me/blog/wps-hide-login-v1-5-2-2-multiples-vulnerabilities/
WPS Limit Login is edited by WP Serveur, a French WordPress host. Criticality level for this update is low. Protection ByPass #1 File: /classes/plugins.php Lines: 427 Issue: If the URL contains “action=confirmaction” it’s enough to access the login page. Demo: https://example.com/wp-login.php?SECUPRESSaction=confirmaction Protection ByPass #2 File: /classes/plugins.php Lines: 477-480 Issue: […]

Advent Calendar for WordPress Security

https://secupress.me/blog/advent-calendar-wordpress-security/
The Advent Calendar of WordPress Security, for those who want secure sites. A new trick every day, around midnight. 01st December 2018 Move the Login Page 02nd December 2018 Force Strong Passwords 03rd December 2018 Allow Automatic Updates 04th December 2018 Coming soon. 05th December 2018 Coming soon. 06th December 2018 Coming soon. 07th December […]