Security question

  • Erick

    (@relozo)


    1 week ago

    Hi,

    Hope you’re well.

    Does using unserialize cause a security issue within your plugin?

    /updraftplus/includes/PEAR/HTTP/Request2/CookieJar.php at line 440

    Using unserialize is well known for causing remote code execution issues when unserializing untrusted input. This is caused by unserialize’s support for creation of random PHP objects.

Viewing 1 replies (of 1 total)
  • Plugin Support nrobertsudp

    (@nrobertsudp)

    1 week ago

    Hi Erick,

    Thanks for your message.

    I’ve forwarded it to development and will update with any feedback I receive.

    Best regards,

    Nick

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.