About a month ago, a vulnerability was reported in one of our plugins (GD Rating System). It was related to unsanitized input used to load the plugin's different admin-side panels, which allowed arbitrary files to be loaded instead.
The good news is that this vulnerability has no known exploits. So far, no one has created a viable method of attack that uses it, and it is highly unlikely that any damage could be done, because this vulnerability requires very specific circumstances, without which it can't be exploited:
- This vulnerability is exposed only if the logged-in user is an administrator; the plugin's pages are not registered or loaded for other user roles or for visitors.
- Method 2 – Load file: this attack is even harder to carry out, because it requires the attacker to somehow know the exact structure of the website, or to be able to upload a malicious file in some way. If that happens, the website is already compromised in some way, and at that point there are easier ways to load malicious files.
In any case, the vulnerability is fixed in all Dev4Press plugins, and fixed versions were deployed over the past 3 weeks. All plugins now have improved sanitization of input variables and check for the existence of the panel files before loading them. In the process of fixing this, all plugins received various other fixes and improvements. So, you just need to update to the latest plugin version, and there will be no risk of a malicious attack through any of our plugins (even without that, the risk was minimal).
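To make the fix described above concrete, here is an added example of an admin-page panel loader in the vulnerable shape and in a hardened shape. This is illustrative code written for this post, not the actual GD Rating System or Dev4Press code; the function names, the `panel` request parameter, the `panels/` directory and the list of panel names are assumptions. Only the WordPress API calls (`current_user_can`, `sanitize_key`, `wp_unslash`, `plugin_dir_path`, `esc_html__`, `wp_die`) are real.

```php
<?php
// Added example, not the plugin's own code. Names of functions, the
// "panel" query parameter and the panel list are hypothetical.

// BEFORE: the shape of the reported problem. A request value is used
// directly to build an include path, so unexpected values (including
// directory traversal sequences) decide which file gets loaded.
function d4p_example_load_panel_unsafe() {
    $panel = isset( $_GET['panel'] ) ? $_GET['panel'] : 'general';

    include plugin_dir_path( __FILE__ ) . 'panels/' . $panel . '.php';
}

// AFTER: the two measures the post describes, plus a path check.
//  1. Sanitize the input variable and accept only known panel names.
//  2. Verify the panel file exists before loading it.
function d4p_example_load_panel_safe() {
    // Panels are only registered for administrators; refuse anyone else.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.', 'd4p-example' ) );
    }

    // Constructed allow-list of panel names this loader knows about.
    $allowed = array( 'general', 'ratings', 'templates', 'tools' );

    // sanitize_key() lowercases and strips everything outside [a-z0-9_-],
    // which removes slashes, dots and null bytes before any path is built.
    $panel = isset( $_GET['panel'] )
        ? sanitize_key( wp_unslash( $_GET['panel'] ) )
        : 'general';

    // Strict allow-list comparison; unknown names fall back to the default.
    if ( ! in_array( $panel, $allowed, true ) ) {
        $panel = 'general';
    }

    $base = plugin_dir_path( __FILE__ ) . 'panels/';
    $file = $base . $panel . '.php';

    // Existence check, anchored to the plugin's own panels directory:
    // realpath() resolves symlinks and '..' so the result must still
    // start with the resolved base directory.
    $real_base = realpath( $base );
    $real_file = realpath( $file );

    if ( false === $real_base || false === $real_file
        || 0 !== strpos( $real_file, $real_base . DIRECTORY_SEPARATOR ) ) {
        wp_die( esc_html__( 'Panel not found.', 'd4p-example' ) );
    }

    include $real_file;
}
```

The allow-list alone closes the reported issue; the `realpath()` containment check is defence in depth, so that a future refactor which accidentally relaxes the sanitization still cannot include a file from outside the plugin's `panels/` directory.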
If you notice any problems with our plugins, or if you find any potential vulnerabilities, please let me know, and I will do my best to fix them as soon as possible.