Security warning from VaultPress

  • Resolved Amandomino

    (@amandomino)


    7 years, 4 months ago

    Received the following in an email from VaultPress after installing the plugin. I had to delete the plugin anyway since it made my backend completely inaccessible. 

    Our security scanners found 1 new security threats since the last email notification. Please visit the VaultPress security page for more details.

Suspicious Code

Our security scanners detected the following possible security issues. We recommend that you review the affected files.

PHP.Generic.BadPattern.5

This code pattern is often used to run a very dangerous shell programs on your server. The code in these files needs to be reviewed, and possibly cleaned.

Help Document

plugins/wp-seo-keyword-optimizer.bak/includes/google-api-php-client-2.1.0/vendor/guzzlehttp/guzzle/src/Middleware.php
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author bavoko.tools

    (@bavokoservices)

    Hello Amandomino,

    sorry for our late response and thank you for reaching out to us. The message shown by VaulPress is blocking a code from the Google Search API (as implied by the file path). We assure that this is an unmodified version, where only a few Readme/compiling files have been deleted to reduce overall size. As said the referenced API is an official Google product, so generally speaking it should be safe. However it is still in it’s beta phase and we will have a look at this first. We will update you when the cause of the problem is found.

    Regards,
    BAVOKO Services

    Plugin Author bavoko.tools

    (@bavokoservices)

    Hello again,

    we have tracked the code and it seems like the following pattern is causing this error:

    return function (callable $handler) {
     return function ($request, array $options) use ($handler) {
          ...
     };
};

    However this is a valid pattern to use and we are not intending on modifing any of the third party libraries. Especially as we trust in the quality of Google API’s. As for the resulting backend error: Can you flag the plugin as “unrisky” or something like that in VaultPress? It seems like VaultPress is blocking the backend because of the found risk. Or is this an unusual behaviour?

    If you have any concerns about this, please let us know. Also please refer to these similar threads:

    Thread 1
    Thread 2
    Thread 3

    Regards,
    BAVOKO Services

    • This reply was modified 7 years, 4 months ago by bavoko.tools.
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security warning from VaultPress’ is closed to new replies.