Wordfence Security – Firewall &amp; Malware Scan

Version Description

June 7, 2021 =
Fix: Resolve conflict with woocommerce-gateway-amazon-payments-advanced plugin

Release Info

Developer	wfalexk
Plugin	Wordfence Security – Firewall & Malware Scan
Version	7.5.4
Comparing to
See all releases

Code changes from version 7.5.3 to 7.5.4

Files changed (61) hide show

css/{activity-report-widget.1620658454.css → activity-report-widget.1623076348.css} +0 -0
css/{diff.1620658454.css → diff.1623076348.css} +0 -0
css/{dt_table.1620658454.css → dt_table.1623076348.css} +0 -0
css/{fullLog.1620658454.css → fullLog.1623076348.css} +0 -0
css/{iptraf.1620658454.css → iptraf.1623076348.css} +0 -0
css/{jquery-ui-timepicker-addon.1620658454.css → jquery-ui-timepicker-addon.1623076348.css} +0 -0
css/{jquery-ui.min.1620658454.css → jquery-ui.min.1623076348.css} +0 -0
css/{jquery-ui.structure.min.1620658454.css → jquery-ui.structure.min.1623076348.css} +0 -0
css/{jquery-ui.theme.min.1620658454.css → jquery-ui.theme.min.1623076348.css} +0 -0
css/{main.1620658454.css → main.1623076348.css} +0 -0
css/{phpinfo.1620658454.css → phpinfo.1623076348.css} +0 -0
css/{wf-adminbar.1620658454.css → wf-adminbar.1623076348.css} +0 -0
css/{wf-colorbox.1620658454.css → wf-colorbox.1623076348.css} +0 -0
css/{wf-font-awesome.1620658454.css → wf-font-awesome.1623076348.css} +0 -0
css/{wf-global.1620658454.css → wf-global.1623076348.css} +0 -0
css/{wf-ionicons.1620658454.css → wf-ionicons.1623076348.css} +0 -0
css/{wf-onboarding.1620658454.css → wf-onboarding.1623076348.css} +0 -0
css/{wf-roboto-font.1620658454.css → wf-roboto-font.1623076348.css} +0 -0
css/{wfselect2.min.1620658454.css → wfselect2.min.1623076348.css} +0 -0
css/{wordfenceBox.1620658454.css → wordfenceBox.1623076348.css} +0 -0
js/{Chart.bundle.min.1620658454.js → Chart.bundle.min.1623076348.js} +0 -0
js/{admin.1620658454.js → admin.1623076348.js} +0 -0
js/{admin.ajaxWatcher.1620658454.js → admin.ajaxWatcher.1623076348.js} +0 -0
js/{admin.liveTraffic.1620658454.js → admin.liveTraffic.1623076348.js} +0 -0
js/{date.1620658454.js → date.1623076348.js} +0 -0
js/{jquery-ui-timepicker-addon.1620658454.js → jquery-ui-timepicker-addon.1623076348.js} +0 -0
js/{jquery.colorbox-min.1620658454.js → jquery.colorbox-min.1623076348.js} +0 -0
js/{jquery.colorbox.1620658454.js → jquery.colorbox.1623076348.js} +0 -0
js/{jquery.dataTables.min.1620658454.js → jquery.dataTables.min.1623076348.js} +0 -0
js/{jquery.qrcode.min.1620658454.js → jquery.qrcode.min.1623076348.js} +0 -0
js/{jquery.tmpl.min.1620658454.js → jquery.tmpl.min.1623076348.js} +0 -0
js/{jquery.tools.min.1620658454.js → jquery.tools.min.1623076348.js} +0 -0
js/{knockout-3.3.0.1620658454.js → knockout-3.3.0.1623076348.js} +0 -0
js/{wfdashboard.1620658454.js → wfdashboard.1623076348.js} +0 -0
js/{wfdropdown.1620658454.js → wfdropdown.1623076348.js} +0 -0
js/{wfglobal.1620658454.js → wfglobal.1623076348.js} +0 -0
js/{wfi18n.1620658454.js → wfi18n.1623076348.js} +0 -0
js/{wfpopover.1620658454.js → wfpopover.1623076348.js} +0 -0
js/{wfselect2.min.1620658454.js → wfselect2.min.1623076348.js} +0 -0
lib/wordfenceClass.php +6 -5
modules/login-security/css/{admin-global.1620658454.css → admin-global.1623076348.css} +0 -0
modules/login-security/css/{admin.1620658454.css → admin.1623076348.css} +0 -0
modules/login-security/css/{colorbox.1620658454.css → colorbox.1623076348.css} +0 -0
modules/login-security/css/{font-awesome.1620658454.css → font-awesome.1623076348.css} +0 -0
modules/login-security/css/{ionicons.1620658454.css → ionicons.1623076348.css} +0 -0
modules/login-security/css/{jquery-ui-timepicker-addon.1620658454.css → jquery-ui-timepicker-addon.1623076348.css} +0 -0
modules/login-security/css/{jquery-ui.min.1620658454.css → jquery-ui.min.1623076348.css} +0 -0
modules/login-security/css/{jquery-ui.structure.min.1620658454.css → jquery-ui.structure.min.1623076348.css} +0 -0
modules/login-security/css/{jquery-ui.theme.min.1620658454.css → jquery-ui.theme.min.1623076348.css} +0 -0
modules/login-security/css/{login.1620658454.css → login.1623076348.css} +0 -0
modules/login-security/js/{admin-global.1620658454.js → admin-global.1623076348.js} +0 -0
modules/login-security/js/{admin.1620658454.js → admin.1623076348.js} +0 -0
modules/login-security/js/{jquery-ui-timepicker-addon.1620658454.js → jquery-ui-timepicker-addon.1623076348.js} +0 -0
modules/login-security/js/{jquery.colorbox.1620658454.js → jquery.colorbox.1623076348.js} +0 -0
modules/login-security/js/{jquery.colorbox.min.1620658454.js → jquery.colorbox.min.1623076348.js} +0 -0
modules/login-security/js/{jquery.qrcode.min.1620658454.js → jquery.qrcode.min.1623076348.js} +0 -0
modules/login-security/js/{jquery.tmpl.min.1620658454.js → jquery.tmpl.min.1623076348.js} +0 -0
modules/login-security/js/{login.1620658454.js → login.1623076348.js} +0 -0
modules/login-security/wordfence-login-security.php +1 -1
readme.txt +6 -2
wordfence.php +3 -3

css/{activity-report-widget.1620658454.css → activity-report-widget.1623076348.css} RENAMED Viewed

File without changes

css/{diff.1620658454.css → diff.1623076348.css} RENAMED Viewed

File without changes

css/{dt_table.1620658454.css → dt_table.1623076348.css} RENAMED Viewed

File without changes

css/{fullLog.1620658454.css → fullLog.1623076348.css} RENAMED Viewed

File without changes

css/{iptraf.1620658454.css → iptraf.1623076348.css} RENAMED Viewed

File without changes

css/{jquery-ui-timepicker-addon.1620658454.css → jquery-ui-timepicker-addon.1623076348.css} RENAMED Viewed

File without changes

css/{jquery-ui.min.1620658454.css → jquery-ui.min.1623076348.css} RENAMED Viewed

File without changes

css/{jquery-ui.structure.min.1620658454.css → jquery-ui.structure.min.1623076348.css} RENAMED Viewed

File without changes

css/{jquery-ui.theme.min.1620658454.css → jquery-ui.theme.min.1623076348.css} RENAMED Viewed

File without changes

css/{main.1620658454.css → main.1623076348.css} RENAMED Viewed

File without changes

css/{phpinfo.1620658454.css → phpinfo.1623076348.css} RENAMED Viewed

File without changes

css/{wf-adminbar.1620658454.css → wf-adminbar.1623076348.css} RENAMED Viewed

File without changes

css/{wf-colorbox.1620658454.css → wf-colorbox.1623076348.css} RENAMED Viewed

File without changes

css/{wf-font-awesome.1620658454.css → wf-font-awesome.1623076348.css} RENAMED Viewed

File without changes

css/{wf-global.1620658454.css → wf-global.1623076348.css} RENAMED Viewed

File without changes

css/{wf-ionicons.1620658454.css → wf-ionicons.1623076348.css} RENAMED Viewed

File without changes

css/{wf-onboarding.1620658454.css → wf-onboarding.1623076348.css} RENAMED Viewed

File without changes

css/{wf-roboto-font.1620658454.css → wf-roboto-font.1623076348.css} RENAMED Viewed

File without changes

css/{wfselect2.min.1620658454.css → wfselect2.min.1623076348.css} RENAMED Viewed

File without changes

css/{wordfenceBox.1620658454.css → wordfenceBox.1623076348.css} RENAMED Viewed

File without changes

js/{Chart.bundle.min.1620658454.js → Chart.bundle.min.1623076348.js} RENAMED Viewed

File without changes

js/{admin.1620658454.js → admin.1623076348.js} RENAMED Viewed

File without changes

js/{admin.ajaxWatcher.1620658454.js → admin.ajaxWatcher.1623076348.js} RENAMED Viewed

File without changes

js/{admin.liveTraffic.1620658454.js → admin.liveTraffic.1623076348.js} RENAMED Viewed

File without changes

js/{date.1620658454.js → date.1623076348.js} RENAMED Viewed

File without changes

js/{jquery-ui-timepicker-addon.1620658454.js → jquery-ui-timepicker-addon.1623076348.js} RENAMED Viewed

File without changes

js/{jquery.colorbox-min.1620658454.js → jquery.colorbox-min.1623076348.js} RENAMED Viewed

File without changes

js/{jquery.colorbox.1620658454.js → jquery.colorbox.1623076348.js} RENAMED Viewed

File without changes

js/{jquery.dataTables.min.1620658454.js → jquery.dataTables.min.1623076348.js} RENAMED Viewed

File without changes

js/{jquery.qrcode.min.1620658454.js → jquery.qrcode.min.1623076348.js} RENAMED Viewed

File without changes

js/{jquery.tmpl.min.1620658454.js → jquery.tmpl.min.1623076348.js} RENAMED Viewed

File without changes

js/{jquery.tools.min.1620658454.js → jquery.tools.min.1623076348.js} RENAMED Viewed

File without changes

js/{knockout-3.3.0.1620658454.js → knockout-3.3.0.1623076348.js} RENAMED Viewed

File without changes

js/{wfdashboard.1620658454.js → wfdashboard.1623076348.js} RENAMED Viewed

File without changes

js/{wfdropdown.1620658454.js → wfdropdown.1623076348.js} RENAMED Viewed

File without changes

js/{wfglobal.1620658454.js → wfglobal.1623076348.js} RENAMED Viewed

File without changes

js/{wfi18n.1620658454.js → wfi18n.1623076348.js} RENAMED Viewed

File without changes

js/{wfpopover.1620658454.js → wfpopover.1623076348.js} RENAMED Viewed

File without changes

js/{wfselect2.min.1620658454.js → wfselect2.min.1623076348.js} RENAMED Viewed

File without changes

lib/wordfenceClass.php CHANGED Viewed

	@@ -80,6 +80,7 @@ class wordfence {
80	private static $hitID = 0;
81	private static $debugOn = null;
82	private static $runInstallCalled = false;

83
84	const ATTACK_DATA_BODY_LIMIT=41943040; //40MB
85
	@@ -2661,7 +2662,7 @@ SQL
2661	$secEnabled = wfConfig::get('loginSecurityEnabled');
2662
2663	$twoFactorUsers = wfConfig::get_ser('twoFactorUsers', array());
2664	- $userDat = ~~(isset($_POST['wordfence_userDat']) ? $_POST['wordfence_userDat'] : false)~~;
2665
2666	$checkBreachList = $secEnabled &&
2667	!wfBlock::isWhitelisted($IP) &&
	@@ -3432,7 +3433,7 @@ SQL
3432	$user = get_user_by('ID', $userID);
3433	$username = $user->user_login;
3434	$passwd = $twoFactorNonce;
3435	- ~~$_POST['wordfence_userDat']~~ = $user;
3436	return;
3437	}
3438	}
	@@ -3446,7 +3447,7 @@ SQL
3446	$userDat = get_user_by('email', $username);
3447	}
3448
3449	- ~~$_POST['wordfence_userDat']~~ = $userDat;
3450	if(preg_match(self::$passwordCodePattern, $passwd, $matches)){
3451	$_POST['wordfence_authFactor'] = $matches[1];
3452	$passwd = preg_replace('/^(.+)\s+wf([a-z0-9 ]+)$/i', '$1', $passwd);
	@@ -3468,7 +3469,7 @@ SQL
3468	$user = get_user_by('ID', $userID);
3469	$username = $user->user_login;
3470	$passwd = $twoFactorNonce;
3471	- ~~$_POST['wordfence_userDat']~~ = $user;
3472	return;
3473	}
3474	}
	@@ -3482,7 +3483,7 @@ SQL
3482	$userDat = get_user_by('email', $username);
3483	}
3484
3485	- ~~$_POST['wordfence_userDat']~~ = $userDat;
3486	if(preg_match(self::$passwordCodePattern, $passwd, $matches)){
3487	$_POST['wordfence_authFactor'] = $matches[1];
3488	$passwd = preg_replace('/^(.+)\s+wf([a-z0-9 ]+)$/i', '$1', $passwd);


80	private static $hitID = 0;
81	private static $debugOn = null;
82	private static $runInstallCalled = false;
83	+ private static $userDat = false;
84
85	const ATTACK_DATA_BODY_LIMIT=41943040; //40MB
86

2662	$secEnabled = wfConfig::get('loginSecurityEnabled');
2663
2664	$twoFactorUsers = wfConfig::get_ser('twoFactorUsers', array());
2665	+ $userDat = self::$userDat;
2666
2667	$checkBreachList = $secEnabled &&
2668	!wfBlock::isWhitelisted($IP) &&

3433	$user = get_user_by('ID', $userID);
3434	$username = $user->user_login;
3435	$passwd = $twoFactorNonce;
3436	+ self::$userDat = $user;
3437	return;
3438	}
3439	}

3447	$userDat = get_user_by('email', $username);
3448	}
3449
3450	+ self::$userDat = $userDat;
3451	if(preg_match(self::$passwordCodePattern, $passwd, $matches)){
3452	$_POST['wordfence_authFactor'] = $matches[1];
3453	$passwd = preg_replace('/^(.+)\s+wf([a-z0-9 ]+)$/i', '$1', $passwd);

3469	$user = get_user_by('ID', $userID);
3470	$username = $user->user_login;
3471	$passwd = $twoFactorNonce;
3472	+ self::$userDat = $user;
3473	return;
3474	}
3475	}

3483	$userDat = get_user_by('email', $username);
3484	}
3485
3486	+ self::$userDat = $userDat;
3487	if(preg_match(self::$passwordCodePattern, $passwd, $matches)){
3488	$_POST['wordfence_authFactor'] = $matches[1];
3489	$passwd = preg_replace('/^(.+)\s+wf([a-z0-9 ]+)$/i', '$1', $passwd);

modules/login-security/css/{admin-global.1620658454.css → admin-global.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{admin.1620658454.css → admin.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{colorbox.1620658454.css → colorbox.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{font-awesome.1620658454.css → font-awesome.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{ionicons.1620658454.css → ionicons.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{jquery-ui-timepicker-addon.1620658454.css → jquery-ui-timepicker-addon.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{jquery-ui.min.1620658454.css → jquery-ui.min.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{jquery-ui.structure.min.1620658454.css → jquery-ui.structure.min.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{jquery-ui.theme.min.1620658454.css → jquery-ui.theme.min.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/css/{login.1620658454.css → login.1623076348.css} RENAMED Viewed

File without changes

modules/login-security/js/{admin-global.1620658454.js → admin-global.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/js/{admin.1620658454.js → admin.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery-ui-timepicker-addon.1620658454.js → jquery-ui-timepicker-addon.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.colorbox.1620658454.js → jquery.colorbox.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.colorbox.min.1620658454.js → jquery.colorbox.min.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.qrcode.min.1620658454.js → jquery.qrcode.min.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/js/{jquery.tmpl.min.1620658454.js → jquery.tmpl.min.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/js/{login.1620658454.js → login.1623076348.js} RENAMED Viewed

File without changes

modules/login-security/wordfence-login-security.php CHANGED Viewed

	@@ -27,7 +27,7 @@ else {
27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	define('WORDFENCE_LS_VERSION', '1.0.6');
30	- define('WORDFENCE_LS_BUILD_NUMBER', '~~1620658454~~');
31
32	if (!defined('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES')) { define('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES', 15); }
33


27	define('WORDFENCE_LS_FROM_CORE', ($wfCoreActive && isset($wfCoreLoading) && $wfCoreLoading));
28
29	define('WORDFENCE_LS_VERSION', '1.0.6');
30	+ define('WORDFENCE_LS_BUILD_NUMBER', '1623076348');
31
32	if (!defined('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES')) { define('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES', 15); }
33

readme.txt CHANGED Viewed

	@@ -3,8 +3,8 @@ Contributors: mmaunder, wfryan, wfmatt, wfmattr
3	Tags: security, firewall, malware scanner, web application firewall, two factor authentication, block hackers, country blocking, clean hacked site, blocklist, waf, login security
4	Requires at least: 3.9
5	Requires PHP: 5.3
6	- Tested up to: 5.7
7	- Stable tag: 7.5.3
8
9	Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
10
	@@ -183,6 +183,10 @@ Secure your website with Wordfence.
183
184	== Changelog ==
185




186	= 7.5.3 - May 10, 2021 =
187
188	* Improvement: Expanded WAF capabilities including better JSON and user permission handling


3	Tags: security, firewall, malware scanner, web application firewall, two factor authentication, block hackers, country blocking, clean hacked site, blocklist, waf, login security
4	Requires at least: 3.9
5	Requires PHP: 5.3
6	+ Tested up to: 5.8
7	+ Stable tag: 7.5.4
8
9	Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
10

183
184	== Changelog ==
185
186	+ = 7.5.4 - June 7, 2021 =
187	+
188	+ * Fix: Resolve conflict with woocommerce-gateway-amazon-payments-advanced plugin
189	+
190	= 7.5.3 - May 10, 2021 =
191
192	* Improvement: Expanded WAF capabilities including better JSON and user permission handling

wordfence.php CHANGED Viewed

	@@ -4,7 +4,7 @@ Plugin Name: Wordfence Security
4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6	Author: Wordfence
7	- Version: 7.5.3
8	Author URI: http://www.wordfence.com/
9	Text Domain: wordfence
10	Domain Path: /languages
	@@ -17,8 +17,8 @@ if(defined('WP_INSTALLING') && WP_INSTALLING){
17	if (!defined('ABSPATH')) {
18	exit;
19	}
20	- define('WORDFENCE_VERSION', '7.5.3');
21	- define('WORDFENCE_BUILD_NUMBER', '~~1620658454~~');
22	define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
23	basename(dirname(__FILE__)) . '/' . basename(__FILE__));
24


4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
6	Author: Wordfence
7	+ Version: 7.5.4
8	Author URI: http://www.wordfence.com/
9	Text Domain: wordfence
10	Domain Path: /languages

17	if (!defined('ABSPATH')) {
18	exit;
19	}
20	+ define('WORDFENCE_VERSION', '7.5.4');
21	+ define('WORDFENCE_BUILD_NUMBER', '1623076348');
22	define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
23	basename(dirname(__FILE__)) . '/' . basename(__FILE__));
24

Wordfence Security – Firewall & Malware Scan - Version 7.5.4

Version Description

Release Info

Code changes from version 7.5.3 to 7.5.4