WordPress.org

Ready to get started?Download WordPress

Forums

Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
[resolved] Leaflet Wikitude SQL injection (8 posts)

  1. zerpex
    Member
    Posted 1 year ago #

    Hello,

    I just want to inform you guys, that Leaflet-wikitude.php is open for any kind of SQL injection, maybe it would be nice to fix :)

    the above get request have been seen on multiple blogs running this plugin, what it does, is to select the user_activation_key from the wp_users table, why is this useful?

    You see, people can request a password reset, this will add this user_activation_key to the database, if people can inject the site, to get access to this activation key, it will be possible to get into a WP site, and do weird stuff.

    So please, take a look at the leaflet-wikitude file, and protect it against SQL injection. This is a serious security issue.

    http://wordpress.org/extend/plugins/leaflet-maps-marker/

  2. RobertHarm
    Member
    Plugin Author

    Posted 1 year ago #

    Hi,
    This was a known issue (although I couldnt reproduce this on my server) and is already fixed with v3.5 - please update your installations...
    Thanks anyway for reporting!
    Regards,
    Robert

  3. zerpex
    Member
    Posted 1 year ago #

    Where can I check the version if I don't have admin access (only shell), what I see in the readme.txt is:

    Contributors: harmr
    Plugin Name: Leaflet Maps Marker
    Plugin URI: http://www.mapsmarker.com
    Tags: Google Maps, OpenStreetMap, OSM, bing maps, googlemaps, google earth, map, maps, kml, travel, location, augmented-reality
    Author URI: http://www.harm.co.at
    Author: Robert Harm
    Donate link: http://www.mapsmarker.com/donations
    Requires at least: 3.0
    Tested up to: 3.6-alpha-23288
    Stable tag: 3.5
    License: GPLv2

    The above, the Stable tag: 3.5 is one of the sites that got hacked, during SQL injection.

    Best regards,
    Lucas R

  4. RobertHarm
    Member
    Plugin Author

    Posted 1 year ago #

    To forum administrators: please edit the first post from this thread removing the info on how this - already fixed with v3.5 - security issue can be exploited. As many users dont upgrade that quickly, I think that this might be better for security overall.

    Thanks!

  5. zerpex
    Member
    Posted 1 year ago #

    Hi Robert,

    I removed the example, sorry

    Best regards,
    Lucas R

  6. RobertHarm
    Member
    Plugin Author

    Posted 1 year ago #

    Hi Luca,
    You already have v3.5 installed where this issue is fixed - the Kind of attackiert you described is not possible with this version anymore as I make a string replacement off all Charakters for layer or marker Parameter now
    Best,
    Robert

  7. zerpex
    Member
    Posted 1 year ago #

    Okay, thanks.

    Let's hope this is fixed! :D Because I know a lot of people use the plugin (It's a awesome plugin btw), so high security is important IMO

  8. RobertHarm
    Member
    Plugin Author

    Posted 1 year ago #

    Security is an important issue for me. The plugin has been audited in the past already, but as I see security as a process, I will always try to improve it...
    best,
    Robert

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic