Possible Exploit in code

  • Resolved borpin2

    (@borpin2)


    6 years, 10 months ago

    This plugin has been identified by my webhost as having a possible exploit.

    Critical! – Directory Access Disabled – Jan 2 15:22:44 beryllium [‘/home/borpinco/tech.borpin.co.uk/wp-content/plugins/pastacode/pastacode.php’] – Known exploit = [Fingerprint Match] [RFI Exploit [P1419]]

    Can this be investigated please.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    I don’t see anything. It may be that your site has been hacked or it’s a false positive.

    So, first, delete the plugin from your site and reinstall, then ask the host to check it again. If they say it has a problem, please ask them to identify the specific issue if they can.

    If there’s no longer an issue, then….. well, you may have been hacked. If so, post something in the “fixing wordpress” area and we’ll deal with it.

    Thread Starter borpin2

    (@borpin2)

    So I have uninstalled and reinstalled the plugin and I immediately got a warning from my host

    Critical! – Directory Access Disabled – wp-content/plugins/pastacode/pastacode.php – [‘wp-content/plugins/pastacode/pastacode.php’] – Known exploit = [Fingerprint Match] [RFI Exploit [P1419]]

    Googling the code suggests it is a remote file exploit.

    I’m not actually using it so I will remove it, but I thought you should be aware. I have flagged it with my host as a possible false positive.

    Plugin Author Willy Bahuaud

    (@willybahuaud)

    Hello,

    Thanks you to flagged it as false positive. Maybe your host disallow php script to get remote code from website like GitHub…?

    Pastacode can retrieve remote code (to display it on your posts) but prevent any execution (all data are escaped before save/display).

    Have a nice day!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Possible Exploit in code’ is closed to new replies.