A solution to the DOS vulnerability caused by arbitrary directory traversal in the WordPress backend plug-in update module

888u

Last updated 2023-12-31, edited by 888u

I have been using an Alibaba Cloud server (this website is not hosted on Alibaba Cloud, though). I often receive text messages, e-mails and backend notices saying "WordPress background plug-in update module arbitrary directory traversal leading to DOS vulnerability." Unfortunately, Alibaba Cloud does not provide the fix itself; if you want it repaired for you, you can purchase its Server Guard Professional Edition. If you run other software, you will soon receive vulnerability notices about that software as well. I have tried this myself.

At present, the latest 4.6.1 series of WordPress has fixed this vulnerability, so the simplest solution is to upgrade directly to the latest version. However, some users' themes may have compatibility problems with the latest version, so they are not upgrading for the time being; the backend upgrade is also very slow, or fails outright, hehe. So here is the repair plan for versions 4.5.4 and below. Before changing any code, make a backup copy so that a mistaken edit can be restored immediately; best of all, package and back up the entire site's data.

WordPress version 4.5.4

We only need to open the WordPress backend file /wp-admin/includes/ajax-actions.php and search for the following line:

  $plugin = urldecode( $_POST['plugin'] );

Then add the following line directly after it:

  $plugin = plugin_basename( sanitize_text_field( wp_unslash( $_POST['plugin'] ) ) );

After modifying the file, saving it and uploading it to overwrite the original, the DOS vulnerability caused by arbitrary directory traversal in the backend plug-in update module of WordPress 4.5.4 is repaired.
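Why the extra line matters: the handler goes on to build a filesystem path from $plugin, so a request value containing ".." segments can name a file outside the plugins directory. plugin_basename() and sanitize_text_field() normalise the value (backslashes, the plugins-directory prefix, tags, whitespace, percent-encoded octets) but do not by themselves reject a literal ".." segment; current WordPress core additionally refuses the request when validate_file( $plugin ) returns non-zero. As an added illustration (not code from the original post or from WordPress core), the stand-alone PHP below implements that kind of check outside WordPress; safe_plugin_path(), the sample inputs and the plugins directory location are assumptions chosen for the demo.

```php
<?php
// Added example: stand-alone PHP, not code from the original post or from
// WordPress core. It shows the check the urldecode()-only line was missing:
// the submitted plugin value must stay inside the plugins directory.
// safe_plugin_path() and $plugins_dir are names chosen for this demo.

/**
 * Return the cleaned "dir/file.php" plugin path, or null if the value
 * could point outside the plugins directory.
 */
function safe_plugin_path( string $raw, string $plugins_dir ): ?string {
    // Undo request slashing and one round of percent-encoding, the same
    // way the original handler decoded the value before using it in a path.
    $plugin = rawurldecode( stripslashes( $raw ) );
    // Treat backslashes as directory separators (as wp_normalize_path() does).
    $plugin = str_replace( '\\', '/', $plugin );

    // Reject empty values, NUL bytes and control characters.
    if ( $plugin === '' || preg_match( '/[\x00-\x1f\x7f]/', $plugin ) ) {
        return null;
    }
    // Reject absolute paths (POSIX root and Windows drive letters).
    if ( $plugin[0] === '/' || preg_match( '/^[A-Za-z]:/', $plugin ) ) {
        return null;
    }
    // Reject every "." or ".." segment and empty segments ("a//b").
    // This is the traversal check; validate_file() in WordPress core
    // rejects ".." segments in the same way.
    foreach ( explode( '/', $plugin ) as $segment ) {
        if ( $segment === '' || $segment === '.' || $segment === '..' ) {
            return null;
        }
    }
    // A plugin entry point is always a .php file.
    if ( substr( $plugin, -4 ) !== '.php' ) {
        return null;
    }
    return $plugin;
}

// Constructed sample inputs for the demo (values a request might carry).
$plugins_dir = '/var/www/html/wp-content/plugins'; // assumed install location
$samples = array(
    'akismet/akismet.php',             // normal "slug/file.php": accepted
    'hello-dolly\\hello.php',          // backslash separator: normalised, accepted
    '../../../not-a-plugin.php',       // literal traversal: rejected
    '%2e%2e/%2e%2e/not-a-plugin.php',  // encoded traversal: decoded first, rejected
    '/etc/hostname',                   // absolute path: rejected
    'akismet/readme.txt',              // not a .php entry point: rejected
);
foreach ( $samples as $sample ) {
    $result = safe_plugin_path( $sample, $plugins_dir );
    printf( "%-32s -> %s\n", $sample, $result === null ? 'rejected' : 'ok: ' . $result );
}
```

Run it with the PHP CLI (php safe_plugin_path.php); the first two samples print "ok", the rest "rejected". The decode step comes before the segment check on purpose: if the handler decodes the value (as the urldecode() line in the page does), the check has to look at the decoded form, otherwise "%2e%2e" would pass as harmless text and become ".." only after validation.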

WordPress versions below 4.5.4

If you are using a version below 4.5.4, you may need to modify the following two places (if the code at either of the two points below already matches the repaired version in your release, it does not need to be modified):

1. Search for the following code in the /wp-admin/includes/ajax-actions.php file:

  if ( $plugin_update_data === true ) {
      wp_send_json_error( $status );
  }

Change it to:

  if ( $plugin_update_data === true ) {
      $status['error'] = __( 'Plugin update failed.' );
      wp_send_json_error( $status );
  }

2. Search for the following code in the /wp-admin/includes/ajax-actions.php file:

      if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->get_error_code() ) {
          $status['error'] = $wp_filesystem->errors->get_error_message();
      }
      wp_send_json_error( $status );
    }
  }

Change it to:

      if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->get_error_code() ) {
          $status['error'] = $wp_filesystem->errors->get_error_message();
      }
      wp_send_json_error( $status );
    } else {
      // An unhandled error occurred
      $status['error'] = __( 'Plugin update failed.' );
      wp_send_json_error( $status );
    }
  }

After modifying the file, saving it and uploading it to overwrite the original, the DOS vulnerability caused by arbitrary directory traversal in the backend plug-in update module of WordPress versions below 4.5.4 is repaired.

Of course you can also ignore it, but then Alibaba Cloud will remind you every day, hehe! This simple operation takes only a few minutes. After repairing it, don't forget to go to the Alibaba Cloud backend and verify the fix, otherwise the reminder will still be there!

On the other hand, this also shows that Alibaba Cloud's security reminders are quite good. Although they are there to promote its Server Guard Professional Edition, they also show that there really is a problem, hehe.


All copyrights belong to 888u unless otherwise stated.