Version Description
- Fixed issue with twentyten, twentyeleven, twentytwelve themes showing up as modified in 3.5.
- Fixed issue with wpdb->prepare throwing warnings. WordPress changed their code and we have now caught up.
- Fixed issue of files containing "silence is golden" showing up as being changed with no executable content.
Download this release
Release Info
| Developer | mmaunder |
| Plugin |  Wordfence Security – Firewall & Malware Scan |
| Version | 3.5.1 |
| Comparing to | |
| See all releases | |
Code changes from version 3.4.5 to 3.5.1
- lib/wfIssues.php +7 -7
- lib/wordfenceConstants.php +1 -1
- lib/wordfenceHash.php +21 -16
- readme.txt +7 -2
- wordfence.php +2 -2
lib/wfIssues.php
CHANGED
|
@@ -217,16 +217,16 @@ class wfIssues {
|
|
| 217 |
private function updateSummaryItems(){
|
| 218 |
global $wpdb;
|
| 219 |
$dat = array();
|
| 220 |
-
$users = $wpdb->get_col(
|
| 221 |
$dat['totalUsers'] = sizeof($users);
|
| 222 |
-
$res1 = $wpdb->get_col(
|
| 223 |
-
$res1 = $wpdb->get_col(
|
| 224 |
-
$res1 = $wpdb->get_col(
|
| 225 |
-
$res1 = $wpdb->get_col(
|
| 226 |
-
$res1 = $wpdb->get_col(
|
| 227 |
$totalRows = 0;
|
| 228 |
foreach($res1 as $table){
|
| 229 |
-
$res2 = $wpdb->get_col(
|
| 230 |
if(isset($res2[0]) ){
|
| 231 |
$totalRows += $res2[0];
|
| 232 |
}
|
| 217 |
private function updateSummaryItems(){
|
| 218 |
global $wpdb;
|
| 219 |
$dat = array();
|
| 220 |
+
$users = $wpdb->get_col("SELECT $wpdb->users.ID FROM $wpdb->users");
|
| 221 |
$dat['totalUsers'] = sizeof($users);
|
| 222 |
+
$res1 = $wpdb->get_col("SELECT count(*) as cnt FROM $wpdb->posts where post_type='page' and post_status NOT IN ('auto-draft')"); $dat['totalPages'] = $res1['0'];
|
| 223 |
+
$res1 = $wpdb->get_col("SELECT count(*) as cnt FROM $wpdb->posts where post_type='post' and post_status NOT IN ('auto-draft')"); $dat['totalPosts'] = $res1['0'];
|
| 224 |
+
$res1 = $wpdb->get_col("SELECT count(*) as cnt FROM $wpdb->comments"); $dat['totalComments'] = $res1['0'];
|
| 225 |
+
$res1 = $wpdb->get_col("SELECT count(*) as cnt FROM $wpdb->term_taxonomy where taxonomy='category'"); $dat['totalCategories'] = $res1['0'];
|
| 226 |
+
$res1 = $wpdb->get_col("show tables"); $dat['totalTables'] = sizeof($res1);
|
| 227 |
$totalRows = 0;
|
| 228 |
foreach($res1 as $table){
|
| 229 |
+
$res2 = $wpdb->get_col("select count(*) from $table");
|
| 230 |
if(isset($res2[0]) ){
|
| 231 |
$totalRows += $res2[0];
|
| 232 |
}
|
lib/wordfenceConstants.php
CHANGED
|
@@ -1,5 +1,5 @@
|
|
| 1 |
<?php
|
| 2 |
-
define('WORDFENCE_API_VERSION', '2.
|
| 3 |
define('WORDFENCE_API_URL_SEC', 'https://noc1.wordfence.com/');
|
| 4 |
define('WORDFENCE_API_URL_NONSEC', 'http://noc1.wordfence.com/');
|
| 5 |
define('WORDFENCE_MAX_SCAN_TIME', 86400); //Increased this from 10 mins to 1 day because very big scans run for a long time. Users can use kill.
|
| 1 |
<?php
|
| 2 |
+
define('WORDFENCE_API_VERSION', '2.5');
|
| 3 |
define('WORDFENCE_API_URL_SEC', 'https://noc1.wordfence.com/');
|
| 4 |
define('WORDFENCE_API_URL_NONSEC', 'http://noc1.wordfence.com/');
|
| 5 |
define('WORDFENCE_MAX_SCAN_TIME', 86400); //Increased this from 10 mins to 1 day because very big scans run for a long time. Users can use kill.
|
lib/wordfenceHash.php
CHANGED
|
@@ -226,22 +226,27 @@ class wordfenceHash {
|
|
| 226 |
$knownFile = 1;
|
| 227 |
} else {
|
| 228 |
if($this->coreEnabled){
|
| 229 |
-
$
|
| 230 |
-
$
|
| 231 |
-
|
| 232 |
-
|
| 233 |
-
'
|
| 234 |
-
|
| 235 |
-
|
| 236 |
-
|
| 237 |
-
|
| 238 |
-
'
|
| 239 |
-
'
|
| 240 |
-
|
| 241 |
-
|
| 242 |
-
|
| 243 |
-
|
| 244 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 245 |
}
|
| 246 |
}
|
| 247 |
} else if(isset($this->knownFiles['plugins'][$file])){
|
| 226 |
$knownFile = 1;
|
| 227 |
} else {
|
| 228 |
if($this->coreEnabled){
|
| 229 |
+
$localFile = ABSPATH . '/' . preg_replace('/^[\.\/]+/', '', $file);
|
| 230 |
+
$fileContents = @file_get_contents($localFile);
|
| 231 |
+
if($fileContents && (! preg_match('/<\?' . 'php[\r\n\s\t]*\/\/[\r\n\s\t]*Silence is golden\.[\r\n\s\t]*(?:\?>)?[\r\n\s\t]*$/s', $fileContents))){
|
| 232 |
+
|
| 233 |
+
$this->haveIssues['core'] = true;
|
| 234 |
+
$this->engine->addIssue(
|
| 235 |
+
'file',
|
| 236 |
+
1,
|
| 237 |
+
'coreModified' . $file . $md5,
|
| 238 |
+
'coreModified' . $file,
|
| 239 |
+
'WordPress core file modified: ' . $file,
|
| 240 |
+
"This WordPress core file has been modified and differs from the original file distributed with this version of WordPress.",
|
| 241 |
+
array(
|
| 242 |
+
'file' => $file,
|
| 243 |
+
'cType' => 'core',
|
| 244 |
+
'canDiff' => true,
|
| 245 |
+
'canFix' => true,
|
| 246 |
+
'canDelete' => false
|
| 247 |
+
)
|
| 248 |
+
);
|
| 249 |
+
}
|
| 250 |
}
|
| 251 |
}
|
| 252 |
} else if(isset($this->knownFiles['plugins'][$file])){
|
readme.txt
CHANGED
|
@@ -2,8 +2,8 @@
|
|
| 2 |
Contributors: mmaunder
|
| 3 |
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
-
Tested up to: 3.
|
| 6 |
-
Stable tag: 3.
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
|
| 9 |
|
|
@@ -154,6 +154,11 @@ or a theme, because often these have been updated to fix a security hole.
|
|
| 154 |
|
| 155 |
== Changelog ==
|
| 156 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 157 |
= 3.4.5 =
|
| 158 |
* Fixed security issue of being able to list wordfence's own virtual dir on some server configurations.
|
| 159 |
* Fixed issue of WF using deprecated function which caused warnings or errors on install.
|
| 2 |
Contributors: mmaunder
|
| 3 |
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
+
Tested up to: 3.5
|
| 6 |
+
Stable tag: 3.5.1
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
|
| 9 |
|
| 154 |
|
| 155 |
== Changelog ==
|
| 156 |
|
| 157 |
+
= 3.5.1 =
|
| 158 |
+
* Fixed issue with twentyten, twentyeleven, twentytwelve themes showing up as modified in 3.5.
|
| 159 |
+
* Fixed issue with wpdb->prepare throwing warnings. WordPress changed their code and we have now caught up.
|
| 160 |
+
* Fixed issue of files containing "silence is golden" showing up as being changed with no executable content.
|
| 161 |
+
|
| 162 |
= 3.4.5 =
|
| 163 |
* Fixed security issue of being able to list wordfence's own virtual dir on some server configurations.
|
| 164 |
* Fixed issue of WF using deprecated function which caused warnings or errors on install.
|
wordfence.php
CHANGED
|
@@ -4,10 +4,10 @@ Plugin Name: Wordfence Security
|
|
| 4 |
Plugin URI: http://wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
|
| 6 |
Author: Mark Maunder
|
| 7 |
-
Version: 3.
|
| 8 |
Author URI: http://wordfence.com/
|
| 9 |
*/
|
| 10 |
-
define('WORDFENCE_VERSION', '3.
|
| 11 |
if(get_option('wordfenceActivated') != 1){
|
| 12 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 13 |
}
|
| 4 |
Plugin URI: http://wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
|
| 6 |
Author: Mark Maunder
|
| 7 |
+
Version: 3.5.1
|
| 8 |
Author URI: http://wordfence.com/
|
| 9 |
*/
|
| 10 |
+
define('WORDFENCE_VERSION', '3.5.1');
|
| 11 |
if(get_option('wordfenceActivated') != 1){
|
| 12 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 13 |
}
|
