25 Oct 2019

Closures of Very Popular WordPress Plugins, Week of October 25

While we are already far ahead of other companies in keeping up with vulnerabilities in WordPress plugins (amazingly, that isn’t an exaggeration), in looking into how we could do even better we noticed that in a recent instance where a vulnerability in a plugin was exploited, we probably could have warned our customers about it even sooner if we had looked at the plugin when it was first closed on the Plugin Directory instead of when the vulnerability was fixed (though as far as we are aware, the exploitation started after we had warned our customers of the fix). So we are now monitoring whether any of the 1,000 most popular plugins are closed on the Plugin Directory and then checking whether the closure looks to be due to a vulnerability.

This week one of those plugins was closed and was re-opened. [Read more]

2 Oct 2019

Vulnerability Details: Cross-Site Request Forgery (CSRF)/Settings Change in Breeze

One of the changelog entries for the latest version of Breeze is “Fix: Validation of nonce.” That sounds a bit odd, since a nonce is used to prevent cross-site request forgery (CSRF), and to do that you check that the nonce sent with a request is valid. One of the recent Subversion commits for the plugin looked related, as its log message was “Improved security for ‘nonce’ check”. Looking at that explained things: previously the code only checked whether a nonce was sent with the request, not whether it was valid, which defeats the purpose of it.

[Read more]
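To make the distinction concrete, here is an added example (not Breeze’s code, and not from the post) of a WordPress settings-save handler written both ways: the weak version only tests that a nonce field is present in the request, while the fixed version verifies the nonce against the action it was generated for. It assumes WordPress is loaded; the function, option, action and field names are hypothetical.

```php
<?php
// Added example, not Breeze's code. Assumes WordPress is loaded; all names
// (example_*) are hypothetical.

// WEAK: only checks that a nonce field was sent, never that its value is valid.
// A forged cross-site form that includes the field name (with any value, even
// an empty string) passes this check, so it provides no CSRF protection.
function example_save_settings_weak() {
    if ( ! isset( $_POST['example_settings_nonce'] ) ) {
        wp_die( 'Missing nonce' );
    }
    update_option(
        'example_setting',
        sanitize_text_field( wp_unslash( $_POST['example_setting'] ?? '' ) )
    );
}

// FIXED: require the right capability, then verify the nonce value against the
// action name it was created for. wp_verify_nonce() returns 1 or 2 when the
// nonce is valid and false otherwise, so a missing or forged value is rejected.
function example_save_settings_fixed() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    $nonce = isset( $_POST['example_settings_nonce'] )
        ? sanitize_text_field( wp_unslash( $_POST['example_settings_nonce'] ) )
        : '';
    if ( ! wp_verify_nonce( $nonce, 'example_save_settings' ) ) {
        wp_die( 'Invalid nonce' );
    }
    // Equivalent one-liner that dies on failure:
    // check_admin_referer( 'example_save_settings', 'example_settings_nonce' );
    update_option(
        'example_setting',
        sanitize_text_field( wp_unslash( $_POST['example_setting'] ?? '' ) )
    );
    wp_safe_redirect( admin_url( 'options-general.php?page=example&saved=1' ) );
    exit;
}

// Form side: the nonce field must be tied to the same action name that the
// handler verifies, and the form posts to admin-post.php with that action.
function example_settings_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    wp_nonce_field( 'example_save_settings', 'example_settings_nonce' );
    echo '<input type="hidden" name="action" value="example_save_settings">';
    echo '<input type="text" name="example_setting" value="'
        . esc_attr( get_option( 'example_setting', '' ) ) . '">';
    submit_button( 'Save' );
    echo '</form>';
}

add_action( 'admin_post_example_save_settings', 'example_save_settings_fixed' );
```

The point of the fixed version is that the nonce is bound to a specific action string and to the current user session, so a request crafted on another site cannot supply a valid value; the `isset()` test in the weak version checks neither.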

22 Jul 2019

Our Plugin Security Checker Caught an Authenticated Open Redirect Vulnerability in Breeze

Our Plugin Security Checker allows anyone to check WordPress plugins for the possibility of some types of security vulnerabilities. While we would describe the tool as far from advanced in what it can do, given the current state of security with WordPress plugins it has been able to spot vulnerabilities even in fairly popular plugins. That is the case with the plugin Breeze, which has 70,000+ installs, where it flagged a possible open redirect vulnerability. A quick check confirmed an authenticated variant of that, which is of limited concern, though it is something that could have been easily avoided.

The tool identified the following two lines of code as possibly leading to an open redirect: [Read more]
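The excerpt does not include the two flagged lines, so as an added illustration (not Breeze’s code) here is the general WordPress pattern the checker looks for: a redirect whose destination comes straight from the request, beside the hardened form that restricts the destination to allowed hosts. It assumes WordPress is loaded; the function and parameter names are hypothetical.

```php
<?php
// Added example, not Breeze's code. Assumes WordPress is loaded; the
// example_* names and the "redirect_to" parameter are hypothetical.

// RISKY: wp_redirect() sends the browser to any absolute URL it is given, so
// a request-supplied destination can point off-site. In an authenticated
// handler only a logged-in user can trigger it, which limits the exposure but
// does not remove it.
function example_after_action_redirect_risky() {
    $target = isset( $_GET['redirect_to'] )
        ? wp_unslash( $_GET['redirect_to'] )
        : admin_url();
    wp_redirect( $target );
    exit;
}

// HARDENED: wp_safe_redirect() validates the host against the
// 'allowed_redirect_hosts' filter (by default, only the site's own host) and
// falls back to admin_url() when the destination is not allowed.
function example_after_action_redirect_safe() {
    $target = isset( $_GET['redirect_to'] )
        ? esc_url_raw( wp_unslash( $_GET['redirect_to'] ) )
        : admin_url();
    wp_safe_redirect( $target, 302 );
    exit;
}

// If the destination must be checked without redirecting immediately,
// wp_validate_redirect() applies the same host check and returns the fallback
// for anything that is not allowed.
function example_validated_target( $requested ) {
    return wp_validate_redirect( esc_url_raw( $requested ), admin_url() );
}
```

Using `wp_safe_redirect()` (or `wp_validate_redirect()`) in place of `wp_redirect()` for any request-controlled destination is the usual one-line fix; the nonce check from the earlier post is a separate control and does not by itself prevent a logged-in user from being sent off-site.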