27 Mar 2019

Full Disclosure of Authenticated Arbitrary File Viewing Vulnerability in Child Themes Helper

In our previous post we detailed an authenticated arbitrary file upload vulnerability in the plugin Child Themes Helper, which our proactive monitoring of changes made to plugins in the Plugin Directory (intended to catch serious vulnerabilities) had caught. It looks like there is quite a bit of inadequately secured code in the plugin, but one other issue that stood out is an authenticated arbitrary file viewing vulnerability.

The plugin makes the function editFile() available to those logged in to WordPress: [Read more]

27 Mar 2019

Our Proactive Monitoring Caught an Authenticated Arbitrary File Upload Vulnerability in Child Themes Helper

One of the ways we help to improve the security of WordPress plugins, not just for our customers, but for everyone using them, is the proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that we caught an authenticated arbitrary file upload vulnerability in the plugin Child Themes Helper, which is also exploitable through cross-site request forgery (CSRF). That occurs in an AJAX accessible function, and it looks like a number of other ones are also insecure and contain vulnerabilities, one of the more serious of which we will detail in a follow-up post.

The possibility of this vulnerability is also flagged by our Plugin Security Checker, so you can check plugins you use to see if they might have similar issues with that tool. [Read more]