iThemes Security (formerly Better WP Security) - Version 7.0.3

Version Description

  • Security Fix: Fixed SQL injection vulnerability in the logs page. Note: Admin privileges are required to exploit this vulnerability. Thanks to Çlirim Emini, Penetration Tester at sentry.co.com, for reporting this vulnerability.
  • Bug Fix: Provide default values for enabled requirements.

Release Info

Developer chrisjean
Version 7.0.3

Code changes from version 7.0.2 to 7.0.3

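--- a/better-wp-security.php
+++ b/better-wp-security.php
@@ -6,7 +6,7 @@
  * Description: Take the guesswork out of WordPress security. iThemes Security offers 30+ ways to lock down WordPress in an easy-to-use WordPress security plugin.
  * Author: iThemes
  * Author URI: https://ithemes.com
- * Version: 7.0.2
+ * Version: 7.0.3
  * Text Domain: better-wp-security
  * Network: True
  * License: GPLv2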
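--- a/core/admin-pages/logs-list-table.php
+++ b/core/admin-pages/logs-list-table.php
@@ -269,8 +269,17 @@ final class ITSEC_Logs_List_Table extends ITSEC_WP_List_Table {
  $sortable_columns = $this->get_sortable_columns();
 
  if ( isset( $_GET['orderby'], $_GET['order'] ) ) {
- $sort_by_column = $_GET['orderby'];
- $sort_direction = $_GET['order'];
+ if ( preg_match( '/^[a-z_]+$/', $_GET['orderby'] ) ) {
+ $sort_by_column = $_GET['orderby'];
+ } else {
+ $sort_by_column = 'timestamp';
+ }
+
+ if ( in_array( strtoupper( $_GET['order'] ), array( 'DESC', 'ASC' ) ) ) {
+ $sort_direction = strtoupper( $_GET['order'] );
+ } else {
+ $sort_direction = 'DESC';
+ }
  } else {
  $sort_by_column = 'timestamp';
  $sort_direction = 'DESC';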
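Review bot: The `preg_match( '/^[a-z_]+$/', $_GET['orderby'] )` check on new line 272 validates only the shape of the value, not that it names a sortable column, and PCRE's `$` accepts a trailing newline, so `timestamp\n` passes the test. Suggest `if ( is_string( $_GET['orderby'] ) && preg_match( '/^[a-z_]+$/D', $_GET['orderby'] ) ) {`; the `is_string()` guard also matters because an array-valued query parameter would make `preg_match()` here and `strtoupper()` on line 278 raise a warning or, on PHP 8, a TypeError. `$sortable_columns` computed on line 269 looks like the natural allow-list to check the key against, though its shape is not visible in this hunk. The enclosing method begins and ends outside the hunk.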
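--- a/core/history.txt
+++ b/core/history.txt
@@ -719,3 +719,6 @@
  Bug Fix: Accessing password requirement settings would not resolve properly in some instances.
  4.6.3 - 2018-06-14 - Chris Jean & Timothy Jacobs
  Bug Fix: Enforce the Strong Passwords requirement during Security Check.
+ 4.6.4 - 2018-06-18 - Chris Jean & Timothy Jacobs
+ Security Fix: Fixed SQL injection vulnerability in the logs page. Note: Admin privileges are required to exploit this vulnerability. Thanks to Çlirim Emini, Penetration Tester at sentry.co.com, for reporting this vulnerability.
+ Bug Fix: Provide default values for enabled requirements.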
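--- a/core/lib/log-util.php
+++ b/core/lib/log-util.php
@@ -42,6 +42,22 @@ final class ITSEC_Log_Util {
  global $wpdb;
 
 
+ $valid_columns = array(
+ 'id',
+ 'parent_id',
+ 'module',
+ 'type',
+ 'code',
+ 'timestamp',
+ 'init_timestamp',
+ 'remote_ip',
+ 'user_id',
+ 'url',
+ 'memory_current',
+ 'memory_peak',
+ );
+
+
  $get_count = false;
  $min_timestamp = false;
 
@@ -61,27 +77,30 @@ final class ITSEC_Log_Util {
  $limit = max( 0, min( 100, intval( $limit ) ) );
  $page = max( 1, intval( $page ) );
 
+ if ( is_array( $sort_by_column ) ) {
+ $regex_valid_columns = '(?:' . implode( '|', $valid_columns ) . ')';
+
+ foreach ( $sort_by_column as $index => $sort_by ) {
+ if ( in_array( $sort_by, $valid_columns ) ) {
+ $sort_by_column[$index] = "$sort_by DESC";
+ } else if ( ! preg_match( "/^$regex_valid_columns\s+(?:DESC|ASC)$/i", $sort_by ) ) {
+ trigger_error( "Invalid sort_by_column format: $sort_by" );
+ unset( $sort_by_column[$index] );
+ }
+ }
+
+ if ( empty( $sort_by_column ) ) {
+ $sort_by_column = 'timestamp';
+ }
+ } else if ( ! in_array( $sort_by_column, $valid_columns ) ) {
+ $sort_by_column = 'timestamp';
+ }
+
  $sort_direction = strtoupper( $sort_direction );
  if ( ! in_array( $sort_direction, array( 'DESC', 'ASC' ) ) ) {
  $sort_direction = 'DESC';
  }
 
-
- $valid_columns = array(
- 'id',
- 'parent_id',
- 'module',
- 'type',
- 'code',
- 'timestamp',
- 'init_timestamp',
- 'remote_ip',
- 'user_id',
- 'url',
- 'memory_current',
- 'memory_peak',
- );
-
  if ( false === $columns ) {
  $columns = $valid_columns;
  } else if ( 'all' === $columns ) {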
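Review bot: In the second hunk, `in_array( $sort_by, $valid_columns )` on new line 84 and `in_array( $sort_by_column, $valid_columns )` on line 95 are non-strict, and the pattern on line 86 ends in `$` without the `D` modifier, so an entry such as `id ASC\n` is accepted and then kept verbatim, while bare column names are rewritten to `"$sort_by DESC"`. Capturing the column and direction and rebuilding the string from the captures makes every accepted entry canonical and keeps the caller-supplied string itself out of the query; an `is_string()` guard is needed as well, since `preg_match()` on a non-string element warns or throws on PHP 8. The same `true` third argument belongs on the existing direction check at line 100. The enclosing method starts before the first hunk and continues past the second.
```php
foreach ( $sort_by_column as $index => $sort_by ) {
    if ( in_array( $sort_by, $valid_columns, true ) ) {
        $sort_by_column[$index] = "$sort_by DESC";
    } else if ( is_string( $sort_by ) && preg_match( "/^($regex_valid_columns)\s+(DESC|ASC)$/iD", $sort_by, $match ) ) {
        // Rebuild from the captures so only the canonical "column DIRECTION" form reaches the query.
        $sort_by_column[$index] = strtolower( $match[1] ) . ' ' . strtoupper( $match[2] );
    } else {
        trigger_error( "Invalid sort_by_column format: $sort_by" );
        unset( $sort_by_column[$index] );
    }
}
// … unchanged: empty() fallback to 'timestamp' and the non-array branch …
```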
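--- a/core/modules/password-requirements/settings.php
+++ b/core/modules/password-requirements/settings.php
@@ -29,6 +29,10 @@ class ITSEC_Password_Requirements_Settings extends ITSEC_Settings {
 
  foreach ( ITSEC_Lib_Password_Requirements::get_registered() as $code => $requirement ) {
 
+ if ( ! isset( $this->settings['enabled_requirements'][ $code ] ) ) {
+ $this->settings['enabled_requirements'][ $code ] = false;
+ }
+
  if ( null === $requirement['defaults'] ) {
  continue;
  }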
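Review bot: The new `isset()` block at lines 32-34 has no comment saying why the default is `false`, and a reader of this loop will not see that later code can rely on the key existing; suggest `// Every registered requirement gets an explicit flag; entries missing from the saved settings are treated as disabled.` above line 32. If `$this->settings['enabled_requirements']` can be absent entirely, the assignment auto-vivifies it as an array, which is fine, but if it can hold a non-array value the write would fail — worth confirming against the settings defaults, which are not visible here. The enclosing method starts and ends outside the hunk.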
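--- a/history.txt
+++ b/history.txt
@@ -782,3 +782,6 @@
  Bug Fix: Remove distributed storage table on uninstall.
  Tweak: Don't write to the tracked files setting if the file hash has not changed.
  Tweak: If no last password change date is recorded for the user, treat their registration date as the last change date.
+ 7.0.3 - 2018-06-18 - Chris Jean & Timothy Jacobs
+ Security Fix: Fixed SQL injection vulnerability in the logs page. Note: Admin privileges are required to exploit this vulnerability. Thanks to Çlirim Emini, Penetration Tester at sentry.co.com, for reporting this vulnerability.
+ Bug Fix: Provide default values for enabled requirements.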
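--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: ithemes, chrisjean, gerroald, mattdanner, timothyblynjacobs
  Tags: security, security plugin, malware, hack, secure, block, SSL, admin, htaccess, lockdown, login, protect, protection, anti virus, attack, injection, login security, maintenance, permissions, prevention, authentication, administration, password, brute force, ban, permissions, bots, user agents, xml rpc, security log
  Requires at least: 4.7
  Tested up to: 4.9.6
- Stable tag: 7.0.2
+ Stable tag: 7.0.3
  Requires PHP: 5.2
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -189,6 +189,10 @@ Free support may be available with the help of the community in the <a href="htt
 
  == Changelog ==
 
+ = 7.0.3 =
+ * Security Fix: Fixed SQL injection vulnerability in the logs page. Note: Admin privileges are required to exploit this vulnerability. Thanks to Çlirim Emini, Penetration Tester at sentry.co.com, for reporting this vulnerability.
+ * Bug Fix: Provide default values for enabled requirements.
+
  = 7.0.2 =
  * Enhancement: Add UI to cancel in progress File Scan.
  * Enhancement: Add basic admin debug page to help diagnosing and resolving issues. Particularly with the events.
@@ -472,5 +476,5 @@ Free support may be available with the help of the community in the <a href="htt
 
  == Upgrade Notice ==
 
- = 7.0.2 =
- Version 7.0.2 contains important bug fixes and various enhancements. It is recommended for all users.
+ = 7.0.3 =
+ Version 7.0.3 contains an important security big fix. It is recommended for all users.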