Wordfence Vulnerability: unserialize(): Error at offset

  • Resolved junkofdavid2

    (@junkofdavid2)


    4 years ago

    Hello!

    Wordfence scan is detecting the following in their scan:

    Notice: unserialize(): Error at offset 0 of 245 bytes in /home/XXXXXX/public_html/bull/wp-content/plugins/waterwoo-pdf-premium/classes/class-wwpdf-license-api.php on line XXXX Notice: unserialize(): Error at offset 0 of 245 bytes in /home/XXXXXX/public_html/XXXX/wp-content/plugins/waterwoo-pdf-premium/classes/class-wwpdf-license-api.php on line XXX

    *XXXX means redacted

    Although it seems to be fine in the PDF stamping.

    What to do? (I have a premium license)

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Little Package

    (@littlepackage)

    Hello @junkofdavid2

    First of all, terribly sorry this message got lost in the WP forums. The place for paid/premium support is the website where you got the plugin: web.little-package.com

    I have been watching for vulnerabilities like that and the plugin doesn’t have ones of this type. Wordfence uses GREP patterns to search for troubling code, and found “serialize(“, then raised the alarm. Wordfence raises quite a few false alarms since it is essentially just a robot looking for patterns, and not capable of making fine distinctions. In this case the actual function begins like “maybe_serialize(“, which is the author being cautious.

    I appreciate the heads up, though!

    Hi,

    The error you’re seeing is not due to a Wordfence signature detecting an issue, and it does not indicate that any vulnerabilities are present. It’s happening because something incorrectly formatted got passed to unserialize in class-wwpdf-license-api.php and the error is getting logged in the scan window. You appear to be running the premium version of the WaterWoo PDF plugin so I can’t really tell much more without looking at the code. Wordfence does run an update check on all plugins to see if any updated versions are available, and it’s likely that this is what triggered the error you’re seeing, as premium plugins frequently hook into the update check in order to retrieve available updates from the author’s website.

    P.S. It’s true that Wordfence uses regular expressions to search for malicious code. This is because regular expressions are one of the most powerful and useful ways to find patterns when properly crafted. We’re continually refining the patterns we use to minimize false positives. We have over 3,000 signatures in production, and I promise none of our them are looking for anything as simple, innocuous, and widespread as “serialize(“.

    • This reply was modified 3 years, 12 months ago by ramwf.
    Plugin Author Little Package

    (@littlepackage)

    @ramwf Thanks for chiming in. Ultimately, that file doesn’t exist in any plugin published by Little Package and hasn’t for quite a while, and this regards a paid plugin, so ultimatetly this is a moot point here in the forums.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Wordfence Vulnerability: unserialize(): Error at offset’ is closed to new replies.