create a list of all public WordPress plugins
01.08.2024 As an ethical hacker I found an easy way to get a list of all public WordPress plugins.
A few weeks ago, I did some small security audits of WordPress plugins and the result is not great.
It only takes some creativity to bypass the security measures of a WordPress plugin that tries to hide your login URL.
Every day attackers are scanning the internet for vulnerable WordPress websites and we can often see corresponding probing requests on most websites, even if they do not use WordPress.
Links can often be abused to take control of pages. This problem has been known for a very long time, but it seems many developers are not aware of it or have forgotten about it.
Valid URLs can use a wide range of different protocols. This requires strict validation of user supplied URLs combined with correct checks. Too lax or wrong checks can quickly lead to vulnerabilities.
npm, pnpm and yarn were vulnerable to binary planting and arbitrary file (over)write through the bin field in package.json.
This is a post mortem report of a hacked WordPress instance with a cryptominer in 2018 which was handled by me.
This is a post mortem report of a contact form spam attack in 2018 which was handled by me.