{"id":1007,"date":"2014-08-27T08:51:38","date_gmt":"2014-08-27T12:51:38","guid":{"rendered":"http:\/\/www.blogseye.com\/?p=1007"},"modified":"2014-08-27T08:51:38","modified_gmt":"2014-08-27T12:51:38","slug":"vulnerable-plugins","status":"publish","type":"post","link":"http:\/\/blogseye\/2014\/08\/vulnerable-plugins.html","title":{"rendered":"Vulnerable Plugins"},"content":{"rendered":"<p>I&#8217;ve been doing more analysis of my logs. I found a robot looking for a list of plugins. I can only assume that these plugins have or have had exploitable code. Probably the bugs have been fixed, but I would go through this list and be very careful about verifying this if you use one of these plugins.<\/p>\n<p>I am adding these to my &#8220;Protection&#8221; plugin 404 module to mark the ip addresses as dangerous.<\/p>\n<p>The robot searched for these files:<\/p>\n<p>wp-content\/plugins\/auto-attachments\/a-a.css<br \/>\nwp-content\/plugins\/category-grid-view-gallery\/cat_grid.php<br \/>\nwp-content\/plugins\/cimy-user-extra-fields\/README_OFFICIAL.txt<br \/>\nwp-content\/plugins\/ckeditor-for-wordpress\/ckeditor.config.js<br \/>\nwp-content\/plugins\/contact-form-7\/license.txt<br \/>\nwp-content\/plugins\/fcchat\/default.png<br \/>\nwp-content\/plugins\/font-uploader\/font-uploader-free.php<br \/>\nwp-content\/plugins\/front-end-upload\/destination.php<br \/>\nwp-content\/plugins\/gallery-plugin\/gallery-plugin.php<br \/>\nwp-content\/plugins\/mac-dock-gallery\/bugslist.txt<br \/>\nwp-content\/plugins\/magic-fields\/MF_Constant.php<br \/>\nwp-content\/plugins\/nextgen-gallery\/changelog.txt<br \/>\nwp-content\/plugins\/nmedia-user-file-uploader\/readme.txt<br \/>\nwp-content\/plugins\/resume-submissions-job-postings\/installer.php<br \/>\nwp-content\/plugins\/user-avatar\/readme.txt<br \/>\nwp-content\/plugins\/user-meta\/readme.txt<br \/>\nwp-content\/plugins\/user-photo\/admin.css<br \/>\nwp-content\/plugins\/wp-e-commerce\/license.txt<br \/>\nwp-content\/plugins\/wp-filemanager\/fm.php<br \/>\nwp-content\/plugins\/wp-homepage-slideshow\/functions.php<br \/>\nwp-content\/plugins\/wp-image-news-slider\/functions.php<br \/>\nwp-content\/plugins\/wp-property\/action_hooks.php<br \/>\nwp-content\/plugins\/wpmarketplace\/readme.txt<br \/>\nwp-content\/plugins\/wpstorecart\/lgpl.txt<br \/>\nwp-content\/plugins\/zingiri-web-shop\/admin.css<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I&#8217;ve been doing more analysis of my logs. I found a robot looking for a list of plugins. I can only assume that these plugins have or have had exploitable code. Probably the bugs have been fixed, but I would go through this list and be very careful about verifying this if you use one [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts\/1007"}],"collection":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/comments?post=1007"}],"version-history":[{"count":1,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts\/1007\/revisions"}],"predecessor-version":[{"id":1008,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/posts\/1007\/revisions\/1008"}],"wp:attachment":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/media?parent=1007"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/categories?post=1007"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/tags?post=1007"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}