Version Description
- Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
Download this release
Release Info
| Developer | scheeeli |
| Plugin |  Anti-Malware Security and Brute-Force Firewall |
| Version | 4.15.22 |
| Comparing to | |
| See all releases | |
Code changes from version 4.15.21 to 4.15.22
- images/index.php +1 -1
- index.php +15 -9
- readme.txt +5 -5
- safe-load/index.php +1 -1
images/index.php
CHANGED
|
@@ -10,7 +10,7 @@ function GOTMLS_define($DEF, $val) {
|
|
| 10 |
define($DEF, $val);
|
| 11 |
}}
|
| 12 |
|
| 13 |
-
GOTMLS_define("GOTMLS_Version", "4.15.
|
| 14 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
| 15 |
GOTMLS_define("GOTMLS_plugin_dir", "gotmls");
|
| 16 |
GOTMLS_define("GOTMLS_local_images_path", dirname(__FILE__)."/");
|
| 10 |
define($DEF, $val);
|
| 11 |
}}
|
| 12 |
|
| 13 |
+
GOTMLS_define("GOTMLS_Version", "4.15.22");
|
| 14 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
| 15 |
GOTMLS_define("GOTMLS_plugin_dir", "gotmls");
|
| 16 |
GOTMLS_define("GOTMLS_local_images_path", dirname(__FILE__)."/");
|
index.php
CHANGED
|
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
| 8 |
Contributors: scheeeli, gotmls
|
| 9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
| 11 |
-
Version: 4.15.
|
| 12 |
*/
|
| 13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
| 14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
|
@@ -46,6 +46,7 @@ function GOTMLS_install() {
|
|
| 46 |
register_activation_hook(__FILE__, "GOTMLS_install");
|
| 47 |
|
| 48 |
function GOTMLS_user_can() {
|
|
|
|
| 49 |
if (is_multisite())
|
| 50 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] = "manage_network";
|
| 51 |
elseif (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"]) || $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] == "manage_network")
|
|
@@ -374,8 +375,8 @@ setDiv("div_file");
|
|
| 374 |
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
|
| 375 |
</div>
|
| 376 |
</form>
|
| 377 |
-
<div id="registerKeyForm" style="display: none;">'.__("<p>
|
| 378 |
-
'.__("
|
| 379 |
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value="">
|
| 380 |
<div>'.__("Your Full Name:",'gotmls').'</div>
|
| 381 |
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
|
|
@@ -437,7 +438,7 @@ setDiv("div_file");
|
|
| 437 |
} else {
|
| 438 |
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
|
| 439 |
showhide("Definition_Updates", true);
|
| 440 |
-
stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions.'", "Definition_Updates");
|
| 441 |
showhide("registerKeyForm");
|
| 442 |
return true;
|
| 443 |
}
|
|
@@ -469,10 +470,10 @@ setDiv("div_file");
|
|
| 469 |
<input type="hidden" name="lc" value="US">
|
| 470 |
<input type="hidden" name="bn" value="PP-DonationsBF">
|
| 471 |
<input type="radio" name="amount" value="14.89">$14+
|
| 472 |
-
<input type="radio" id="default_level_donation" name="amount" value="29.
|
| 473 |
-
<input type="radio" id="higher_level_donation" name="amount" value="
|
| 474 |
-
<input type="radio" name="amount" value="
|
| 475 |
-
<input type="radio" name="amount" value="
|
| 476 |
<input type="hidden" name="item_name" value="Donation to Eli\'s Anti-Malware Plugin">
|
| 477 |
<input type="hidden" name="item_number" value="GOTMLS-key-'.GOTMLS_installation_key.'">
|
| 478 |
<input type="hidden" name="custom" value="key-'.GOTMLS_installation_key.'">
|
|
@@ -764,7 +765,7 @@ function GOTMLS_settings() {
|
|
| 764 |
</div>';
|
| 765 |
}
|
| 766 |
} else
|
| 767 |
-
$scan_opts .= '<a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"><img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"><b> '.$threat_level_name.'</b><br /><div style="padding: 14px;" id="check_'.$threat_level.'_div_NA">'.__("
|
| 768 |
$scan_opts .= '
|
| 769 |
</div>';
|
| 770 |
}
|
|
@@ -1141,6 +1142,11 @@ function GOTMLS_init() {
|
|
| 1141 |
if (is_array($GOTnew_definitions))
|
| 1142 |
$GOTMLS_onLoad .= "updates_complete('Downloaded Definitions');";
|
| 1143 |
} elseif (($DEF = GOTMLS_get_URL(GOTMLS_update_home.'definitions.php?ver='.GOTMLS_Version.'&wp='.$wp_version.'&ts='.date("YmdHis").'&d='.ur1encode(GOTMLS_siteurl))) && (($GOT_definitions = GOTMLS_decode($DEF)) != serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"])) && is_array($GOTnew_definitions = maybe_unserialize($GOT_definitions)) && count($GOTnew_definitions)) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1144 |
$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
|
| 1145 |
$GOTnew_definitions = array();
|
| 1146 |
$GOTMLS_onLoad .= "updates_complete('New Definitions Automatically Installed :-)');";
|
| 8 |
Contributors: scheeeli, gotmls
|
| 9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
| 11 |
+
Version: 4.15.22
|
| 12 |
*/
|
| 13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
| 14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
| 46 |
register_activation_hook(__FILE__, "GOTMLS_install");
|
| 47 |
|
| 48 |
function GOTMLS_user_can() {
|
| 49 |
+
require_once(ABSPATH.WPINC.'/pluggable.php');
|
| 50 |
if (is_multisite())
|
| 51 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] = "manage_network";
|
| 52 |
elseif (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"]) || $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] == "manage_network")
|
| 375 |
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
|
| 376 |
</div>
|
| 377 |
</form>
|
| 378 |
+
<div id="registerKeyForm" style="display: none;"><span style="color: #F00">'.__("<p>Get instant access to definition updates.</p>",'gotmls').'</span><input type="button" style="width: 100%;" value="'.__("Check for Definition Updates Now!",'gotmls').'" onclick="check_for_updates(\'Definition_Updates\');" /><p>
|
| 379 |
+
'.__("If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information.",'gotmls').'</p>
|
| 380 |
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.GOTMLS_plugin_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value="">
|
| 381 |
<div>'.__("Your Full Name:",'gotmls').'</div>
|
| 382 |
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
|
| 438 |
} else {
|
| 439 |
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
|
| 440 |
showhide("Definition_Updates", true);
|
| 441 |
+
setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$Update_Definitions.'", "Definition_Updates")\', 3000);
|
| 442 |
showhide("registerKeyForm");
|
| 443 |
return true;
|
| 444 |
}
|
| 470 |
<input type="hidden" name="lc" value="US">
|
| 471 |
<input type="hidden" name="bn" value="PP-DonationsBF">
|
| 472 |
<input type="radio" name="amount" value="14.89">$14+
|
| 473 |
+
<input type="radio" id="default_level_donation" name="amount" value="29.29" checked>$29+
|
| 474 |
+
<input type="radio" id="higher_level_donation" name="amount" value="52.00">$52
|
| 475 |
+
<input type="radio" name="amount" value="86.00">$86
|
| 476 |
+
<input type="radio" name="amount" value="133.70">$133.7
|
| 477 |
<input type="hidden" name="item_name" value="Donation to Eli\'s Anti-Malware Plugin">
|
| 478 |
<input type="hidden" name="item_number" value="GOTMLS-key-'.GOTMLS_installation_key.'">
|
| 479 |
<input type="hidden" name="custom" value="key-'.GOTMLS_installation_key.'">
|
| 765 |
</div>';
|
| 766 |
}
|
| 767 |
} else
|
| 768 |
+
$scan_opts .= '<a title="'.__("Download Definition Updates to Use this feature",'gotmls').'"><img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="X"><b> '.$threat_level_name.'</b><br /><div style="padding: 14px;" id="check_'.$threat_level.'_div_NA"><span style="color: #F00">'.__("Download the new definitions (Right sidebar) to activate this feature.",'gotmls').'</span></div>';
|
| 769 |
$scan_opts .= '
|
| 770 |
</div>';
|
| 771 |
}
|
| 1142 |
if (is_array($GOTnew_definitions))
|
| 1143 |
$GOTMLS_onLoad .= "updates_complete('Downloaded Definitions');";
|
| 1144 |
} elseif (($DEF = GOTMLS_get_URL(GOTMLS_update_home.'definitions.php?ver='.GOTMLS_Version.'&wp='.$wp_version.'&ts='.date("YmdHis").'&d='.ur1encode(GOTMLS_siteurl))) && (($GOT_definitions = GOTMLS_decode($DEF)) != serialize($GLOBALS["GOTMLS"]["tmp"]["definitions_array"])) && is_array($GOTnew_definitions = maybe_unserialize($GOT_definitions)) && count($GOTnew_definitions)) {
|
| 1145 |
+
if (!(isset($_REQUEST["check"]) && is_array($_REQUEST["check"])))
|
| 1146 |
+
$_REQUEST["check"] = array();
|
| 1147 |
+
foreach ($GOTnew_definitions as $threat_level=>$definition_names)
|
| 1148 |
+
if (!isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["$threat_level"]) && !(is_array($GLOBALS["GOTMLS"]["tmp"]["settings"]["check"]) && in_array("$threat_level", $GLOBALS["GOTMLS"]["tmp"]["settings"]["check"])) && !in_array("$threat_level", $_REQUEST["check"]))
|
| 1149 |
+
$_REQUEST["check"][] = "$threat_level";
|
| 1150 |
$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = $GOTnew_definitions;
|
| 1151 |
$GOTnew_definitions = array();
|
| 1152 |
$GOTMLS_onLoad .= "updates_complete('New Definitions Automatically Installed :-)');";
|
readme.txt
CHANGED
|
@@ -5,8 +5,8 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
| 5 |
Contributors: scheeeli, gotmls
|
| 6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 7 |
Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
| 8 |
-
Version: 4.15.
|
| 9 |
-
Stable tag: 4.15.
|
| 10 |
Requires at least: 3.3
|
| 11 |
Tested up to: 4.2.2
|
| 12 |
|
|
@@ -24,7 +24,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
|
|
| 24 |
* Run a Complete Scan from the Settings Page.
|
| 25 |
* Download Definition Updates to protect against new threats.
|
| 26 |
|
| 27 |
-
Updated May
|
| 28 |
|
| 29 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
| 30 |
|
|
@@ -89,7 +89,7 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
| 89 |
|
| 90 |
== Changelog ==
|
| 91 |
|
| 92 |
-
= 4.15.
|
| 93 |
* Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
|
| 94 |
|
| 95 |
= 4.15.20 =
|
|
@@ -328,7 +328,7 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
| 328 |
|
| 329 |
== Upgrade Notice ==
|
| 330 |
|
| 331 |
-
= 4.15.
|
| 332 |
Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
|
| 333 |
|
| 334 |
= 4.15.20 =
|
| 5 |
Contributors: scheeeli, gotmls
|
| 6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 7 |
Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
| 8 |
+
Version: 4.15.22
|
| 9 |
+
Stable tag: 4.15.22
|
| 10 |
Requires at least: 3.3
|
| 11 |
Tested up to: 4.2.2
|
| 12 |
|
| 24 |
* Run a Complete Scan from the Settings Page.
|
| 25 |
* Download Definition Updates to protect against new threats.
|
| 26 |
|
| 27 |
+
Updated May 17th
|
| 28 |
|
| 29 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
| 30 |
|
| 89 |
|
| 90 |
== Changelog ==
|
| 91 |
|
| 92 |
+
= 4.15.22 =
|
| 93 |
* Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
|
| 94 |
|
| 95 |
= 4.15.20 =
|
| 328 |
|
| 329 |
== Upgrade Notice ==
|
| 330 |
|
| 331 |
+
= 4.15.22 =
|
| 332 |
Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
|
| 333 |
|
| 334 |
= 4.15.20 =
|
safe-load/index.php
CHANGED
|
@@ -12,5 +12,5 @@ foreach (array("REMOTE_ADDR", "HTTP_HOST", "REQUEST_URI", "HTTP_REFERER", "HTTP_
|
|
| 12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
| 13 |
foreach (array("log") as $var)
|
| 14 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
| 15 |
-
header("location: http://safe-load.gotmls.net/report.php?ver=4.15.
|
| 16 |
die();
|
| 12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
| 13 |
foreach (array("log") as $var)
|
| 14 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
| 15 |
+
header("location: http://safe-load.gotmls.net/report.php?ver=4.15.22".$_SESSION["GOTMLS_detected_attacks"]);
|
| 16 |
die();
|
