• Resolved billbordallo

    (@billbordallo)


    Hey guys,

    I have just received a warning from WP Toolkit, which is a tool that monitors the health of WordPress sites in WHM/cPanel environments.

    The message is the following:

    WP Toolkit has detected new vulnerabilities on WordPress sites under your care. It is strongly recommended to update or disable vulnerable assets on these sites. You can also configure WP Toolkit to perform automatic actions when vulnerabilities are detected.

    WordPress Simple History plugin <= 3.3.1 – CSV Injection vulnerability

    I have not found any mention in that regard in the support forum.

    Does anyone know anything about that?

    Meanwhile, I think I will keep the plugin disabled.

    Thanks!

Viewing 7 replies - 16 through 22 (of 22 total)
  • Plugin Author eskapism

    (@eskapism)

    Thanks @84em, that looks like a nice way to go. That solution keeps the data, so that’s good. But still; I can’t confirm that any data that contains those chars actually is passed to the export anywhere, so it’s gonna be difficult to test :/

    @eskapism Yeah I’m not really certain why security vendors are putting such high priority alerts out regarding this. Even OWASP says it is difficult to mitigate and the attack vector is so small that many bug bounty programs won’t even cover it. It seems to me a site visitor would somehow have to successfully save a CSV formula into post content or post/user metadata in order for it to even work. And that seems like a pretty remote possibility…

    For pietgold and paulshultz, thank you for sharing your observation. WordFence is clearly overstating the threat if they are claiming this as critical. Please remember, when you review our entry, Patchstack states this is a Low severity risk. I cannot stop WordFence from saying this issue is “critical” if they so choose. (but they’re clearly not helping)

    @eskapism : Can you reach out to me on https://patchstack.com/for-plugins/ and we can start a conversation? I promise we tried publicly listed points of contact for you, but you did not respond.

    Once we can get in touch I can share the specific input being used in the security report (but I would rather not share this publicly), I will even be glad to verify the patch for you. Thank you for working on the patch as well. There is another great tip from @84em regarding how Jetpack addresses this. It really is just a filter you need to add before saving data into the CSV.
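
The kind of filter described in the reply above, as an added example that is not part of the thread and is not the plugin's or Jetpack's code: each cell that begins with a character a spreadsheet treats as the start of a formula gets a leading single quote before it is written, so the original data is kept. The function names and the sample rows are assumptions made for illustration.

```php
<?php
// Added example: neutralise spreadsheet formula triggers before writing CSV.
// Function names and sample rows are hypothetical, not taken from any plugin.

/**
 * Prefix a single quote to any cell a spreadsheet would evaluate as a formula.
 * The original text stays intact after the quote, so no data is lost.
 * Trade-off: plain values such as "-5" are prefixed as well.
 */
function neutralize_csv_cell($value): string
{
    $value = (string) $value;
    if ($value === '') {
        return $value;
    }
    // Leading characters commonly treated as the start of a formula,
    // plus tab and carriage return.
    $triggers = ['=', '+', '-', '@', "\t", "\r"];
    if (in_array($value[0], $triggers, true)) {
        return "'" . $value;
    }
    return $value;
}

/** Write rows to an open stream, filtering every cell first. */
function write_csv_rows($handle, array $rows): void
{
    foreach ($rows as $row) {
        // fputcsv() handles quoting of commas, quotes and newlines.
        fputcsv($handle, array_map('neutralize_csv_cell', $row), ',', '"', '\\');
    }
}

// Constructed sample log rows: date, user, message.
$rows = [
    ['2023-01-10', 'admin', 'Updated post "Hello world"'],
    ['2023-01-10', 'editor', '=1+1'],
    ['2023-01-11', 'author', '-5 degrees today'],
    ['2023-01-11', 'guest', '@SUM(A1:A2)'],
];

$out = fopen('php://memory', 'w+');
write_csv_rows($out, $rows);
rewind($out);
echo stream_get_contents($out); // cells 2-4 now start with a single quote
fclose($out);
```

The filter belongs at the point where the export is written, not where log entries are stored, so the stored data and its on-site display stay unchanged.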

    Plugin Author eskapism

    (@eskapism)

    @rawrly Sure, I filled out the form there, so you have my contact information.

    Thank you eskapism, I have followed up with further details via email.

    Plugin Author eskapism

    (@eskapism)

    Hey everyone, version 3.4.0 of the plugin is now available. Let me know if upgrading removes the warnings you have had.

    Thanks @rawrly for sharing more details about the vulnerability.

    I scanned my website again using wordfence and no warnings anymore. Thanks for your quick response and updated plugin.

  • The topic ‘cPanel warning: Site vulnerabilities found’ is closed to new replies.