Wordfence Security – Firewall &amp; Malware Scan

Version Description

January 15, 2020 =
Improvement: Improved WAF coverage for an Infinite WP authentication bypass vulnerability. Credit to Marc Montpas for finding a bypass.

Release Info

Developer	wfryan
Plugin	Wordfence Security – Firewall & Malware Scan
Version	7.4.5
Comparing to
See all releases

Code changes from version 7.4.4 to 7.4.5

Files changed (60) hide show

css/{activity-report-widget.1579033043.css → activity-report-widget.1579191227.css} +0 -0
css/{diff.1579033043.css → diff.1579191227.css} +0 -0
css/{dt_table.1579033043.css → dt_table.1579191227.css} +0 -0
css/{fullLog.1579033043.css → fullLog.1579191227.css} +0 -0
css/{iptraf.1579033043.css → iptraf.1579191227.css} +0 -0
css/{jquery-ui-timepicker-addon.1579033043.css → jquery-ui-timepicker-addon.1579191227.css} +0 -0
css/{jquery-ui.min.1579033043.css → jquery-ui.min.1579191227.css} +0 -0
css/{jquery-ui.structure.min.1579033043.css → jquery-ui.structure.min.1579191227.css} +0 -0
css/{jquery-ui.theme.min.1579033043.css → jquery-ui.theme.min.1579191227.css} +0 -0
css/{main.1579033043.css → main.1579191227.css} +0 -0
css/{phpinfo.1579033043.css → phpinfo.1579191227.css} +0 -0
css/{wf-adminbar.1579033043.css → wf-adminbar.1579191227.css} +0 -0
css/{wf-colorbox.1579033043.css → wf-colorbox.1579191227.css} +0 -0
css/{wf-font-awesome.1579033043.css → wf-font-awesome.1579191227.css} +0 -0
css/{wf-global.1579033043.css → wf-global.1579191227.css} +0 -0
css/{wf-ionicons.1579033043.css → wf-ionicons.1579191227.css} +0 -0
css/{wf-onboarding.1579033043.css → wf-onboarding.1579191227.css} +0 -0
css/{wf-roboto-font.1579033043.css → wf-roboto-font.1579191227.css} +0 -0
css/{wfselect2.min.1579033043.css → wfselect2.min.1579191227.css} +0 -0
css/{wordfenceBox.1579033043.css → wordfenceBox.1579191227.css} +0 -0
js/{Chart.bundle.min.1579033043.js → Chart.bundle.min.1579191227.js} +0 -0
js/{admin.1579033043.js → admin.1579191227.js} +0 -0
js/{admin.ajaxWatcher.1579033043.js → admin.ajaxWatcher.1579191227.js} +0 -0
js/{admin.liveTraffic.1579033043.js → admin.liveTraffic.1579191227.js} +0 -0
js/{date.1579033043.js → date.1579191227.js} +0 -0
js/{jquery-ui-timepicker-addon.1579033043.js → jquery-ui-timepicker-addon.1579191227.js} +0 -0
js/{jquery.colorbox-min.1579033043.js → jquery.colorbox-min.1579191227.js} +0 -0
js/{jquery.colorbox.1579033043.js → jquery.colorbox.1579191227.js} +0 -0
js/{jquery.dataTables.min.1579033043.js → jquery.dataTables.min.1579191227.js} +0 -0
js/{jquery.qrcode.min.1579033043.js → jquery.qrcode.min.1579191227.js} +0 -0
js/{jquery.tmpl.min.1579033043.js → jquery.tmpl.min.1579191227.js} +0 -0
js/{jquery.tools.min.1579033043.js → jquery.tools.min.1579191227.js} +0 -0
js/{knockout-3.3.0.1579033043.js → knockout-3.3.0.1579191227.js} +0 -0
js/{wfdashboard.1579033043.js → wfdashboard.1579191227.js} +0 -0
js/{wfdropdown.1579033043.js → wfdropdown.1579191227.js} +0 -0
js/{wfglobal.1579033043.js → wfglobal.1579191227.js} +0 -0
js/{wfpopover.1579033043.js → wfpopover.1579191227.js} +0 -0
js/{wfselect2.min.1579033043.js → wfselect2.min.1579191227.js} +0 -0
lib/wordfenceClass.php +3 -2
modules/login-security/css/{admin-global.1579033043.css → admin-global.1579191227.css} +0 -0
modules/login-security/css/{admin.1579033043.css → admin.1579191227.css} +0 -0
modules/login-security/css/{colorbox.1579033043.css → colorbox.1579191227.css} +0 -0
modules/login-security/css/{font-awesome.1579033043.css → font-awesome.1579191227.css} +0 -0
modules/login-security/css/{ionicons.1579033043.css → ionicons.1579191227.css} +0 -0
modules/login-security/css/{jquery-ui-timepicker-addon.1579033043.css → jquery-ui-timepicker-addon.1579191227.css} +0 -0
modules/login-security/css/{jquery-ui.min.1579033043.css → jquery-ui.min.1579191227.css} +0 -0
modules/login-security/css/{jquery-ui.structure.min.1579033043.css → jquery-ui.structure.min.1579191227.css} +0 -0
modules/login-security/css/{jquery-ui.theme.min.1579033043.css → jquery-ui.theme.min.1579191227.css} +0 -0
modules/login-security/css/{login.1579033043.css → login.1579191227.css} +0 -0
modules/login-security/js/{admin-global.1579033043.js → admin-global.1579191227.js} +0 -0
modules/login-security/js/{admin.1579033043.js → admin.1579191227.js} +0 -0
modules/login-security/js/{jquery-ui-timepicker-addon.1579033043.js → jquery-ui-timepicker-addon.1579191227.js} +0 -0
modules/login-security/js/{jquery.colorbox.1579033043.js → jquery.colorbox.1579191227.js} +0 -0
modules/login-security/js/{jquery.colorbox.min.1579033043.js → jquery.colorbox.min.1579191227.js} +0 -0
modules/login-security/js/{jquery.qrcode.min.1579033043.js → jquery.qrcode.min.1579191227.js} +0 -0
modules/login-security/js/{jquery.tmpl.min.1579033043.js → jquery.tmpl.min.1579191227.js} +0 -0
modules/login-security/js/{login.1579033043.js → login.1579191227.js} +0 -0
modules/login-security/wordfence-login-security.php +1 -1
readme.txt +4 -1
wordfence.php +3 -3

	@@ -1119,8 +1119,9 @@ SQL
1119	$iwpRule = new wfWAFRule(wfWAF::getInstance(), 0x80000000, null, 'auth-bypass', 100, 'Infinite WP Client - Authentication Bypass < 1.9.4.5', 0, 'block', null);
1120	wfWAF::getInstance()->setRules(wfWAF::getInstance()->getRules() + array(0x80000000 => $iwpRule));
1121
1122	- if (~~preg_match~~(~~'/^.?_IWP_JSON_PREFIX_(.)$/s',~~ wfWAF::getInstance()->getRequest()->getRawBody(), ~~$matches~~)) {
1123	- $~~iwpRequest~~ = ~~json_decode~~(~~base64_decode($matches[1])~~, ~~true~~);

1124	if (is_array($iwpRequest)) {
1125	if (array_key_exists('iwp_action', $iwpRequest) &&
1126	($iwpRequest['iwp_action'] === 'add_site' \|\| $iwpRequest['iwp_action'] === 'readd_site')


1119	$iwpRule = new wfWAFRule(wfWAF::getInstance(), 0x80000000, null, 'auth-bypass', 100, 'Infinite WP Client - Authentication Bypass < 1.9.4.5', 0, 'block', null);
1120	wfWAF::getInstance()->setRules(wfWAF::getInstance()->getRules() + array(0x80000000 => $iwpRule));
1121
1122	+ if (strrpos(wfWAF::getInstance()->getRequest()->getRawBody(), '_IWP_JSON_PREFIX_') !== false) {
1123	+ $iwpRequestDataArray = explode('_IWP_JSON_PREFIX_', wfWAF::getInstance()->getRequest()->getRawBody());
1124	+ $iwpRequest = json_decode(trim(base64_decode($iwpRequestDataArray[1])), true);
1125	if (is_array($iwpRequest)) {
1126	if (array_key_exists('iwp_action', $iwpRequest) &&
1127	($iwpRequest['iwp_action'] === 'add_site' \|\| $iwpRequest['iwp_action'] === 'readd_site')

	@@ -4,7 +4,7 @@ Tags: security, firewall, malware scanner, web application firewall, two factor
4	Requires at least: 3.9
5	Requires PHP: 5.3
6	Tested up to: 5.3
7	- Stable tag: 7.4.4
8
9	Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
10
	@@ -183,6 +183,9 @@ Secure your website with Wordfence.
183
184	== Changelog ==
185



186	= 7.4.4 - January 14, 2020 =
187	* Fix: Fixed a UI issue where the scan summary status marker for malware didn't always match the findings.
188


4	Requires at least: 3.9
5	Requires PHP: 5.3
6	Tested up to: 5.3
7	+ Stable tag: 7.4.5
8
9	Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
10

183
184	== Changelog ==
185
186	+ = 7.4.5 - January 15, 2020 =
187	+ * Improvement: Improved WAF coverage for an Infinite WP authentication bypass vulnerability. Credit to Marc Montpas for finding a bypass.
188	+
189	= 7.4.4 - January 14, 2020 =
190	* Fix: Fixed a UI issue where the scan summary status marker for malware didn't always match the findings.
191

	@@ -4,7 +4,7 @@ Plugin Name: Wordfence Security
4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6	Author: Wordfence
7	- Version: 7.4.4
8	Author URI: http://www.wordfence.com/
9	Network: true
10	*/
	@@ -15,8 +15,8 @@ if(defined('WP_INSTALLING') && WP_INSTALLING){
15	if (!defined('ABSPATH')) {
16	exit;
17	}
18	- define('WORDFENCE_VERSION', '7.4.4');
19	- define('WORDFENCE_BUILD_NUMBER', '~~1579033043~~');
20	define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
21	basename(dirname(__FILE__)) . '/' . basename(__FILE__));
22

	@@ -27,7 +27,7 @@ else {
27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	define('WORDFENCE_LS_VERSION', '1.0.5');
30	- define('WORDFENCE_LS_BUILD_NUMBER', '~~1579033043~~');
31
32	if (!defined('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES')) { define('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES', 15); }
33


27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	define('WORDFENCE_LS_VERSION', '1.0.5');
30	+ define('WORDFENCE_LS_BUILD_NUMBER', '1579191227');
31
32	if (!defined('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES')) { define('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES', 15); }
33

Wordfence Security – Firewall & Malware Scan - Version 7.4.5

Version Description

Release Info

Code changes from version 7.4.4 to 7.4.5