Potential False-Positive S3 Media Maestro plugin

  • Resolved JVM Design

    (@jvmd)


    1 year, 3 months ago

    Hi there – We found what might be a false positive in a file in s3 Media Maestro (/s3-media-maestro/vendor/aws/aws-crt-php/gen_stub.php). The file hasn’t been updated since May and we’ve run scans since then where it didn’t show (just started showing today). The file has 1999 lines but at the top we see this:
    // This is a copy of the gen_stub.php from the PHP build scripts, modified to
    // generate macros that we can abstract across versions of PHP

    The plugin itself works with WP Courseware to connect to our clients AWS S3 to post video files to WP Courseware pages.

    Would be happy to send file or post full file if you need.

    Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Eli

    (@scheeeli)

    Is this a premium plugin? I don’t see it on the WordPress Plugin Repository.

    Yes, please send me the file so that I can investigate this further.

    Plugin Author Eli

    (@scheeeli)

    I think I found the code, based on the file name you gave me: https://github.com/awslabs/aws-crt-php/blob/main/gen_stub.php

    This code is flagged by SiteLock as suspicious, but from what I can tell it cannot be exploited via direct URL calls as the parameters must all be passed from the command line.

    I am whitelisting this file for now but I will keep my eyes open for any signs that this code could be used maliciously, so I might update this definition in the future if I ever get confirmation of an exploit in this code.

    Thread Starter JVM Design

    (@jvmd)

    Thanks, Eli and sorry I missed your email. Was out of town then had to have an emergency wisdom tooth extraction. Yeah that s3 Media Maestro is a premium plugin from https://flyplugins.com/s3-media-maestro/ I think you did find the file though.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Potential False-Positive S3 Media Maestro plugin’ is closed to new replies.