Vulnerability Scan Alert: Oct. 2016

The Scarlet Pimp

Supreme Member
Joined
Apr 2, 2008
Messages
1,266
Reaction score
4,231
Below is a short list of plugins that hackers in Europe were searching for on my domain. These plugins probably have known flaws, so you should either update them pronto or remove them. I also included some security app links. :D

/modules/mod_simplefileuploadv1.3/elements/udd.php

/modules/productpageadverts/uploadimage.php

/modules/simpleslideshow/uploadimage.php

/modules/vtemslideshow/uploadimage.php

/tiny_mce/plugins/tinybrowser/upload_file.php

/uploadify/uploadify.php

/wp-content/plugins/./simple-image-manipulator/controller/download.php

/wp-content/plugins/all-in-one-seo-pack/aioseop_utility.php

/wp-content/plugins/candidate-application-form/downloadpdffile.php

/wp-content/plugins/complete-gallery-manager/frames/upload-images.php

/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js

/wp-content/plugins/dzs-zoomsounds/admin/admin.js

/wp-content/plugins/formcraft/file-upload/server/php/upload.php

/wp-content/plugins/gravityforms/js/gravityforms.js

/wp-content/plugins/i-dump-iphone-to-wordpress-photo-uploader/uploader.php

/wp-content/plugins/jquery-html5-file-upload/jquery-html5-file-upload.php

/wp-content/plugins/landing-pages/tests/phantomjs/server.php

/wp-content/plugins/recent-backups/download-file.php

/wp-content/plugins/revslider/js/rev_admin.js

/wp-content/plugins/revslider/temp/update_extract/revslider/db.php

/wp-content/plugins/robotcpa/f.php
(https://www.exploit-db.com/exploits/37252/)

/wp-content/plugins/showbiz/js/showbiz_admin.js

/wp-content/plugins/simple-ads-manager/js/slider/tmpl.js

/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php

/wp-content/plugins/woocommerce-product-options/includes/image-upload.php

/wp-content/plugins/wp-easy-gallery-pro/admin/php.php

/wp-content/plugins/wp-ecommerce-shop-styling/includes/download.php

/wp-content/plugins/wp-mobile-detector/cache/db.php

/wp-content/plugins/wp-symposium/server/php/jabqAxkifFpZxp.php

/wp-content/plugins/wp-symposium/server/php/kstfAxviOFpZew.php

/wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php

/wp-content/plugins/wysija-newsletters/js/tinymce/tiny_mce.js

/wp-content/themes/bold-headline/js/jquery.fittext.js

/wp-content/themes/pinboard/404.php

/wp-content/themes/u-design/scripts/script.js

/wp-config.php.bak

/wp-config.php.save

/wp-config.php~
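The paths above were pulled from the poster's own web logs. As an added example (not part of the original post), here is a small Python triage script that runs the same check against an access log: it parses combined-format lines, normalises the request path (query string stripped, `/./` collapsed, which matters for the simple-image-manipulator entry above), and reports which source IPs probed any path on the watchlist. A probe that came back 2xx is separated out, because that is the case where the file actually exists on the server and deserves a look. The log lines are constructed for the example, and the watchlist is a subset of the paths in this thread; paste in the full list for real use.

```python
import posixpath
import re
from collections import defaultdict

# Watchlist: a subset of the probed paths listed in this thread.
PROBED_PATHS = (
    "/uploadify/uploadify.php",
    "/wp-content/plugins/./simple-image-manipulator/controller/download.php",
    "/wp-content/plugins/revslider/temp/update_extract/revslider/db.php",
    "/wp-content/plugins/wp-mobile-detector/cache/db.php",
    "/wp-content/plugins/formcraft/file-upload/server/php/upload.php",
    "/wp-config.php.bak",
    "/wp-config.php.save",
    "/wp-config.php~",
)

# Apache/nginx "combined" log format (the trailing referer/agent fields are ignored).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: HTTP/[\d.]+)?" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample log lines (not real traffic; documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Oct/2016:03:14:07 +0000] "GET /uploadify/uploadify.php HTTP/1.1" 404 209 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Oct/2016:03:14:08 +0000] "GET /wp-content/plugins/revslider/temp/update_extract/revslider/db.php HTTP/1.1" 404 209 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Oct/2016:03:14:09 +0000] "GET /wp-config.php.bak HTTP/1.1" 404 209 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Oct/2016:03:20:41 +0000] "GET /index.php?p=about HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Oct/2016:03:21:02 +0000] "POST /wp-content/plugins/formcraft/file-upload/server/php/upload.php HTTP/1.1" 200 87 "-" "python-requests/2.9"
"""


def normalize_path(path):
    """Drop the query string and collapse '.' / '..' segments so lookups are exact."""
    return posixpath.normpath(path.split("?", 1)[0])


def parse_line(line):
    """Return a dict for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["path"] = normalize_path(rec["path"])
    rec["status"] = int(rec["status"])
    return rec


def find_probes(log_text, watchlist=PROBED_PATHS):
    """Map source IP -> list of (path, status) for requests hitting the watchlist."""
    wanted = {normalize_path(p) for p in watchlist}
    hits = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["path"] in wanted:
            hits[rec["ip"]].append((rec["path"], rec["status"]))
    return dict(hits)


def successful_probes(hits):
    """Probes answered with 2xx: the file exists on this server, so check it."""
    return [
        (ip, path, status)
        for ip, entries in hits.items()
        for path, status in entries
        if 200 <= status < 300
    ]


if __name__ == "__main__":
    found = find_probes(SAMPLE_LOG)
    for ip, entries in found.items():
        print(ip)
        for path, status in entries:
            print("   ", status, path)
    for ip, path, status in successful_probes(found):
        print("LIVE FILE PROBED:", ip, path, status)
```

On a real server, read the log file and pass its contents to `find_probes`; a burst of 404s on these paths from one IP is ordinary scanner noise, while a 200 on one of them means the plugin file is present and should be updated or removed as the post advises.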

===

Decrypt JS Packer Code:

1. copy and paste the packed code into
http://dean.edwards.name/unpacker/

2. paste the decompressed code into
http://jsbeautifier.org and read the results.
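The two-step recipe above relies on a website. As an added example (not part of the original post), here is an offline Python unpacker for the same Dean Edwards p.a.c.k.e.r. format, which is useful when you would rather not paste injected code from a compromised site into a third-party service. It locates the `}('payload',radix,count,'words'.split('|'),0,{})` tail, decodes every word token in the payload as a number in the given radix (digits, then lowercase, then uppercase for radix 62) and substitutes the dictionary entry. The packed sample is constructed for the example; running the output through a beautifier, as step 2 says, is still the next move.

```python
import re
import string

# Digit alphabet p.a.c.k.e.r. uses: radix <= 36 uses the lowercase prefix, radix 62 uses all of it.
ALPHABET = string.digits + string.ascii_lowercase + string.ascii_uppercase

# Matches the argument list that follows the packer's function body:
#   }('payload', radix, count, 'w1|w2|...'.split('|'), 0, {})
PACKER_RE = re.compile(
    r"\}\s*\(\s*'(?P<payload>(?:\\.|[^'\\])*)'\s*,\s*(?P<radix>\d+)\s*,\s*(?P<count>\d+)\s*,"
    r"\s*'(?P<words>(?:\\.|[^'\\])*)'\s*\.split\(\s*'\|'\s*\)",
    re.DOTALL,
)


def _unescape(s):
    """The packer only escapes backslashes and single quotes inside its strings."""
    return re.sub(r"\\(['\\])", r"\1", s)


def _decode(token, radix):
    """Turn an encoded token into its dictionary index, or None if it is not one."""
    digits = ALPHABET[:radix]
    value = 0
    for ch in token:
        if ch not in digits:
            return None
        value = value * radix + digits.index(ch)
    return value


def unpack(packed):
    """Reverse one layer of p.a.c.k.e.r. obfuscation and return the original source."""
    m = PACKER_RE.search(packed)
    if not m:
        raise ValueError("no p.a.c.k.e.r. payload found")
    radix = int(m.group("radix"))
    words = _unescape(m.group("words")).split("|")
    if int(m.group("count")) != len(words):
        raise ValueError("word count does not match dictionary length")
    payload = _unescape(m.group("payload"))

    def replace(match):
        idx = _decode(match.group(0), radix)
        # Empty dictionary slots mean "token stands for itself", as in the packer.
        if idx is None or idx >= len(words) or not words[idx]:
            return match.group(0)
        return words[idx]

    return re.sub(r"\b\w+\b", replace, payload)


# Constructed packed sample (radix 4, four dictionary words).
SAMPLE_PACKED = (
    "eval(function(p,a,c,k,e,d){e=function(c){return c.toString(a)};"
    "while(c--){if(k[c]){p=p.replace(new RegExp('\\\\b'+e(c)+'\\\\b','g'),k[c])}}"
    "return p}('0.1(\\'2 3\\')',4,4,'console|log|hello|world'.split('|'),0,{}))"
)

if __name__ == "__main__":
    print(unpack(SAMPLE_PACKED))
```

Malware droppers often nest several packer layers, so if the output still starts with `eval(function(p,a,c,k,e,d)`, feed it back into `unpack` until it does not.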

===

Decode Base64:
http://ottodestruct.com/decoder.php

Website Malware and Security Scanner:
http://sitecheck.sucuri.net/scanner/

Website Security Check,
http://www.unmaskparasites.com

===

Security Add-Ons:

1. Acunetix Scanner,
http://wordpress.org/extend/plugins/wp-security-scan/

2. Anti-Malware,
https://wordpress.org/plugins/gotmls/

3. Anti-Virus,
http://wordpress.org/extend/plugins/antivirus/

4. Bulletproof Security,
http://wordpress.org/extend/plugins/bulletproof-security/

5. Database Backup,
http://wordpress.org/plugins/wp-database-backup/

6. Exploit Scanner,
https://wordpress.org/plugins/exploit-scanner/

7. Firewall,
http://wordpress.org/extend/plugins/wordpress-firewall-2/

8. Login Lockdown,
http://wordpress.org/extend/plugins/login-lockdown/

9. Word Fence,
http://wordpress.org/extend/plugins/wordfence/

===

WP Theme Detector:
http://wpthemedetector.com
 
that's why you should always keep plugins and themes up to date. Nothing new here really, it's always going on because WordPress is so popular.
 
yep! the "panama papers" scandal never would've happened if they'd kept their plugins updated.
 
that's why you should always keep plugins and themes up to date. Nothing new here really, it's always going on because WordPress is so popular.
has a lot to do with WP being so popular, but also has a lot to do with the size of WordPress - you can't write something with that many moving parts without leaving a lot of holes. Also it's usually the addons getting targeted, because a very small percent of developers have any concept of security at all. I've downloaded/installed more than a few apps that process raw user input with 0 input.

Exploit-db is good to subscribe to for all of this, or at least search your plugin through them, to see if it's publicly vulnerable.
 