Version Description
- Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
- Fixed another XSS vulnerabilities in the admin (thanks to James H.)
Download this release
Release Info
Developer | scheeeli |
Plugin | Anti-Malware Security and Brute-Force Firewall |
Version | 4.15.23 |
Comparing to | |
See all releases |
Code changes from version 4.15.22 to 4.15.23
- images/index.php +1 -1
- index.php +4 -4
- readme.txt +7 -6
- safe-load/index.php +1 -1
images/index.php
CHANGED
@@ -10,7 +10,7 @@ function GOTMLS_define($DEF, $val) {
|
|
10 |
define($DEF, $val);
|
11 |
}}
|
12 |
|
13 |
-
GOTMLS_define("GOTMLS_Version", "4.15.
|
14 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
15 |
GOTMLS_define("GOTMLS_plugin_dir", "gotmls");
|
16 |
GOTMLS_define("GOTMLS_local_images_path", dirname(__FILE__)."/");
|
10 |
define($DEF, $val);
|
11 |
}}
|
12 |
|
13 |
+
GOTMLS_define("GOTMLS_Version", "4.15.23");
|
14 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
15 |
GOTMLS_define("GOTMLS_plugin_dir", "gotmls");
|
16 |
GOTMLS_define("GOTMLS_local_images_path", dirname(__FILE__)."/");
|
index.php
CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
-
Version: 4.15.
|
12 |
*/
|
13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
@@ -46,7 +46,6 @@ function GOTMLS_install() {
|
|
46 |
register_activation_hook(__FILE__, "GOTMLS_install");
|
47 |
|
48 |
function GOTMLS_user_can() {
|
49 |
-
require_once(ABSPATH.WPINC.'/pluggable.php');
|
50 |
if (is_multisite())
|
51 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] = "manage_network";
|
52 |
elseif (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"]) || $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] == "manage_network")
|
@@ -684,7 +683,7 @@ function GOTMLS_settings() {
|
|
684 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_POST["check"];
|
685 |
if (isset($_POST["exclude_ext"])) {
|
686 |
if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
|
687 |
-
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', $_POST["exclude_ext"])), -1, PREG_SPLIT_NO_EMPTY);
|
688 |
else
|
689 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
|
690 |
}
|
@@ -698,7 +697,7 @@ function GOTMLS_settings() {
|
|
698 |
}
|
699 |
if (isset($_POST["exclude_dir"])) {
|
700 |
if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
|
701 |
-
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim($_POST["exclude_dir"]), -1, PREG_SPLIT_NO_EMPTY);
|
702 |
else
|
703 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
|
704 |
for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
|
@@ -1345,6 +1344,7 @@ function GOTMLS_init() {
|
|
1345 |
|
1346 |
if (function_exists("is_admin") && is_admin() && ((isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) || (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))))) {
|
1347 |
@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
|
|
|
1348 |
GOTMLS_loaded();
|
1349 |
GOTMLS_init();
|
1350 |
die("\n//PHP to Javascript Error!\n");
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
+
Version: 4.15.23
|
12 |
*/
|
13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
46 |
register_activation_hook(__FILE__, "GOTMLS_install");
|
47 |
|
48 |
function GOTMLS_user_can() {
|
|
|
49 |
if (is_multisite())
|
50 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] = "manage_network";
|
51 |
elseif (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"]) || $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"] == "manage_network")
|
683 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_POST["check"];
|
684 |
if (isset($_POST["exclude_ext"])) {
|
685 |
if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
|
686 |
+
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
|
687 |
else
|
688 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
|
689 |
}
|
697 |
}
|
698 |
if (isset($_POST["exclude_dir"])) {
|
699 |
if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
|
700 |
+
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(htmlentities($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
|
701 |
else
|
702 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
|
703 |
for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
|
1344 |
|
1345 |
if (function_exists("is_admin") && is_admin() && ((isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) || (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))))) {
|
1346 |
@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
|
1347 |
+
require_once(ABSPATH.WPINC.'/pluggable.php');
|
1348 |
GOTMLS_loaded();
|
1349 |
GOTMLS_init();
|
1350 |
die("\n//PHP to Javascript Error!\n");
|
readme.txt
CHANGED
@@ -5,8 +5,8 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
5 |
Contributors: scheeeli, gotmls
|
6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
7 |
Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
8 |
-
Version: 4.15.
|
9 |
-
Stable tag: 4.15.
|
10 |
Requires at least: 3.3
|
11 |
Tested up to: 4.2.2
|
12 |
|
@@ -24,7 +24,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
|
|
24 |
* Run a Complete Scan from the Settings Page.
|
25 |
* Download Definition Updates to protect against new threats.
|
26 |
|
27 |
-
Updated May
|
28 |
|
29 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
30 |
|
@@ -89,8 +89,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
89 |
|
90 |
== Changelog ==
|
91 |
|
92 |
-
= 4.15.
|
93 |
* Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
|
|
|
94 |
|
95 |
= 4.15.20 =
|
96 |
* Hardened against XSS vulnerabilities in the admin (thanks to Tim Coen).
|
@@ -328,8 +329,8 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
328 |
|
329 |
== Upgrade Notice ==
|
330 |
|
331 |
-
= 4.15.
|
332 |
-
|
333 |
|
334 |
= 4.15.20 =
|
335 |
Hardened against XSS in the admin, changed encoding of the index.php file in the Quarantine, added more info to some error messages and a feature to restore a default setting, and fixed a few small bugs.
|
5 |
Contributors: scheeeli, gotmls
|
6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
7 |
Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
8 |
+
Version: 4.15.23
|
9 |
+
Stable tag: 4.15.23
|
10 |
Requires at least: 3.3
|
11 |
Tested up to: 4.2.2
|
12 |
|
24 |
* Run a Complete Scan from the Settings Page.
|
25 |
* Download Definition Updates to protect against new threats.
|
26 |
|
27 |
+
Updated May 18th
|
28 |
|
29 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
30 |
|
89 |
|
90 |
== Changelog ==
|
91 |
|
92 |
+
= 4.15.23 =
|
93 |
* Hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
|
94 |
+
* Fixed another XSS vulnerabilities in the admin (thanks to James H.)
|
95 |
|
96 |
= 4.15.20 =
|
97 |
* Hardened against XSS vulnerabilities in the admin (thanks to Tim Coen).
|
329 |
|
330 |
== Upgrade Notice ==
|
331 |
|
332 |
+
= 4.15.23 =
|
333 |
+
Fixed another XSS vulnerabilities in the admin (thanks to James H.), and hardened admin_init with current_user_can and realpath on the quarantine file deletion (thanks to J.D. Grimes).
|
334 |
|
335 |
= 4.15.20 =
|
336 |
Hardened against XSS in the admin, changed encoding of the index.php file in the Quarantine, added more info to some error messages and a feature to restore a default setting, and fixed a few small bugs.
|
safe-load/index.php
CHANGED
@@ -12,5 +12,5 @@ foreach (array("REMOTE_ADDR", "HTTP_HOST", "REQUEST_URI", "HTTP_REFERER", "HTTP_
|
|
12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
13 |
foreach (array("log") as $var)
|
14 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
15 |
-
header("location: http://safe-load.gotmls.net/report.php?ver=4.15.
|
16 |
die();
|
12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
13 |
foreach (array("log") as $var)
|
14 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
15 |
+
header("location: http://safe-load.gotmls.net/report.php?ver=4.15.23".$_SESSION["GOTMLS_detected_attacks"]);
|
16 |
die();
|