patrick1994
Forum Replies Created
“This makes it possible for authenticated attackers, with subscriber-level access and above, to upload files that may be executable, which makes remote code execution possible. The vulnerability was partially patched in version 7.0.10 and fully patched in version 7.0.11.”
It only affects versions 7.0.0 to 7.0.10, though (see source).
On Patchstack, vulnerabilities are unlisted for the first 48h; they only show up via direct link. E.g. when WP Toolkit (included in Plesk, for example) detects a vulnerability, it links to it, but you cannot find it listed anywhere.
There is also get_user, which requires 6.7+
Apparently, 7.0 has not been tested well if at all on old WP versions.
I am confused as I feel my post contains all the necessary info, I suppose your fix is supposed to be in a different place?? Anyway, here are some screenshots. You asked for this one, right?
https://imgur.com/a/bcQNIVb
Here are more:
https://imgur.com/a/P1sN1VG
https://imgur.com/a/yaLsJyx
The code does not look like it is solved, but if you say it has been solved, I should at least check it…
Edit: There we go. Not fixed.
wp-seopress version: 7.8
wp-seopress-pro version: 7.8
Your code in 7.8 with debugging code added by me:
public function sitemapShortcut() {
    if ('1' !== seopress_get_toggle_option('xml-sitemap')) {
        return;
    }
    if ('1' !== seopress_get_service('SitemapOption')->isEnabled()) {
        return;
    }
    //Redirect sitemap.xml to sitemaps.xml
    $path = sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) );
    var_dump($path); // debugging: print the raw request path that gets compared
    if (in_array($path, [
        '/sitemap.xml/',
        '/sitemap.xml',
        '/wp-sitemap.xml/',
        '/wp-sitemap.xml',
        '/sitemap_index.xml/',
        '/sitemap_index.xml',
    ])) {
        die("worked"); // debugging: stop before the redirect fires
        wp_safe_redirect(get_home_url() . '/sitemaps.xml', 301);
        exit();
    } else {
        die("did not work"); // debugging
    }
}
} // closing brace of the enclosing class (rest of the class not shown)
URL:
https://mydomain.xyz/subdir/sitemap.xml
Output:
string(18) “/subdir/sitemap.xml”
did not work
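As an added example (my own code, not SEOPress's), this is how the path comparison above can be made independent of a subdirectory install: strip the query string and the home URL's path from REQUEST_URI before matching, and ignore the trailing slash. The function name and the $homePath parameter are mine.

```php
<?php
// Added example, not SEOPress code: normalise the request path so the
// sitemap shortcut also matches when WordPress lives in a subdirectory.
// $homePath is the path part of home_url(), e.g. "/subdir" or "" (assumption).

function seopress_example_sitemap_request_matches(string $requestUri, string $homePath): bool
{
    // Keep only the path; query string and fragment are irrelevant here.
    $path = parse_url($requestUri, PHP_URL_PATH);
    if (!is_string($path) || $path === '') {
        return false;
    }

    // On a subdirectory install, require and remove the base path ("/subdir").
    $base = rtrim($homePath, '/');
    if ($base !== '') {
        if (strpos($path, $base . '/') !== 0) {
            return false; // request is outside this WordPress install
        }
        $path = substr($path, strlen($base));
    }

    // Treat "/sitemap.xml/" and "/sitemap.xml" the same.
    $path = '/' . trim($path, '/');

    return in_array($path, [
        '/sitemap.xml',
        '/wp-sitemap.xml',
        '/sitemap_index.xml',
    ], true);
}

// How it would slot into the hook (illustration only):
// $homePath = (string) parse_url(get_home_url(), PHP_URL_PATH);
// if (seopress_example_sitemap_request_matches($_SERVER['REQUEST_URI'], $homePath)) {
//     wp_safe_redirect(get_home_url() . '/sitemaps.xml', 301);
//     exit();
// }

// Stand-alone run with constructed inputs.
var_dump(seopress_example_sitemap_request_matches('/subdir/sitemap.xml', '/subdir'));
var_dump(seopress_example_sitemap_request_matches('/sitemap.xml/?x=1', ''));
var_dump(seopress_example_sitemap_request_matches('/subdir/other.xml', '/subdir'));
var_dump(seopress_example_sitemap_request_matches('/sitemap.xml', '/subdir'));
```

The first two calls match, the last two do not; the root install case ('' home path) behaves exactly like the original list, so nothing changes for sites that were already working.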
Alright.
I just want to add that method_exists has been throwing a TypeError with param null since PHP 8.0, might be worth looking into for the entire code base.
Hi there,
any news?
Forum: Reviews
In reply to: [Contact Form 7] Hacked three times
Use the Patchstack plugin to scan for vulnerable plugins or just search the Patchstack vulnerability database by hand (though that will not protect you from future problems unless you do that daily).
“Deprecated” means “you should change this, else in some future version of – depending on the context PHP, Woocommerce, whatever – you will get problems”.
This answer is not of very much use. Refer to the changelog:
2.7.0 – 2023-10-26
- NEW – Added support for POST SMTP app. Visit documentation for more information
Presumably, this version introduced the vulnerability.
Hi there,
I am not an expert at all, here are my 2ct:
Your log does not contain a login. A login would look like this:
[17/Jan/2024:21:51:10 +0100] “POST /wp-login.php HTTP/2.0” 302 0
The 302 in the log means that the login was successful. The next request could then be to /wp-admin/.
For each login, gather info about the IP: country, ISP, time (check your browser history and that of your colleagues if applicable and check whether that was you). If you can say for certain that there are no suspicious IPs that have logged in, then you are fine.
Else, you really should restore the backup. Hackers can install hard-to-find backdoors and a hacked shop sounds pretty dangerous to me. 😀
Note that you did not mention anything about the app connection. Go to Post SMTP -> Mobile App (or whatever the menu entry is) and check whether there is still a device connected.
For me, it said “Android device connected – Disconnect”. When I clicked “disconnect” and refreshed the page, it still said “Disconnect” but the Android device was gone. Whatever that means. I simply restored the backup.
I don’t know if multiple devices can be connected (whether intended by the devs or not) and if yes, whether you can disconnect them all. Tbh, I would just deactivate the plugin.
PS: I see there is a “Disconnect App” plugin now. I guess the native disconnect feature is broken or insufficient? See
https://ww.wp.xz.cn/support/topic/latest-version-2-8-8-caused-physical-memory-issues/#post-17340500
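An added example (my own code, not from this thread or the Post SMTP plugin) that does the first step of the check above mechanically: scan an access log in combined format for POST /wp-login.php requests answered with 302 and group them per client IP, so each IP can then be checked for country, ISP and time. The sample lines are constructed and use RFC 5737 documentation addresses.

```php
<?php
// Added example, not from this thread: list successful-looking WordPress
// logins (POST /wp-login.php answered with a 302) per client IP.
// Assumes "combined" style lines: IP ident user [time] "request" status bytes ...

function example_find_wp_logins(array $lines): array
{
    $pattern = '/^(\S+) \S+ \S+ \[([^\]]+)\] "POST \/wp-login\.php[^"]*" 302 /';
    $byIp = [];
    foreach ($lines as $line) {
        if (!preg_match($pattern, $line, $m)) {
            continue; // not a login POST, or not answered with a redirect
        }
        [, $ip, $when] = $m;
        $byIp[$ip]['count'] = ($byIp[$ip]['count'] ?? 0) + 1;
        $byIp[$ip]['times'][] = $when;
    }
    return $byIp;
}

// Constructed sample log lines, not real traffic.
$sample = [
    '203.0.113.5 - - [17/Jan/2024:21:51:10 +0100] "POST /wp-login.php HTTP/2.0" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [17/Jan/2024:21:51:11 +0100] "GET /wp-admin/ HTTP/2.0" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [18/Jan/2024:03:12:44 +0100] "POST /wp-login.php HTTP/1.1" 200 4431 "-" "curl/8.0"',
    '198.51.100.7 - - [18/Jan/2024:03:12:59 +0100] "POST /wp-login.php HTTP/1.1" 302 0 "-" "curl/8.0"',
    '192.0.2.9 - - [18/Jan/2024:09:00:01 +0100] "GET /wp-login.php HTTP/1.1" 200 4431 "-" "Mozilla/5.0"',
];

foreach (example_find_wp_logins($sample) as $ip => $info) {
    // Every IP printed here gets the country/ISP/"was that me?" check from the post.
    printf("%s: %d login(s), first %s, last %s\n",
        $ip, $info['count'], $info['times'][0], end($info['times']));
}
```

The 200 answer to the POST from 198.51.100.7 is skipped because it did not redirect; the 302 fifteen seconds later is listed, which is the pattern (failed attempt, then success) worth looking at first.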
Hi @edash22
“I have deactivated the plugin for now. If it is inactive, is it still vulnerable?”
Nah, dw about it. Do not take this the wrong way, *other* vulnerabilities in any plugin *could* affect you even if the plugin is inactive, but *not* this one.
I could write whole essays on what to do next, but if none of your passwords have been changed and you stop using this plugin, you should be 😉 safe. If you want to reactivate this plugin later, ensure that nobody has connected their “phone app” to the plugin – just to be safe. ^^ For that, go to “Post SMTP” -> “Mobile App” in the side menu.
tl;dr update to 2.8.8 or later
see https://ww.wp.xz.cn/support/topic/possible-leakage-of-email-logs/
xyz.com/wp-admin/admin.php?page=postman_email_log
export button on the right. Screenshot: https://imgur.com/a/sPmbunc
I am not sure if this actually works, anymore – as in, if it contains the newer emails. Memory is old.
You can try dumping your database and using the search feature to find the mails, too, depending on your level of desperation.
PS: You might need to go to the “Plugins” page ( /wp-admin/plugins.php ) and then click the “Settings” link under Post SMTP. This plugin has become more and more broken, apparently.
@edash22 v 2.8.7 is affected by a critical vulnerability, in other words anyone can take over your website until you update the plugin again (you need to update to 2.8.8 or higher). This particular “hack” involves using the password reset feature and then grabbing the password reset email. So if you find such an email in your inbox that most likely means that you have been hacked.
Are you sure the logs are actually empty and it is not just the backend display that is broken? Have you tried exporting the logs as CSV or whatever and reading them that way? That is how I dealt with it myself. I have only tried this in one instance and it worked.