Poor security-handling (support topic for the InfiniteWP Client plugin)

  • I’ve opened an issue with the number #33753 on their support ticket system on the 10th of June 2015.
    We’ve had a lengthy discussion about their way of storing backup files in a folder without real protection.
    With the releases of 1.3.14 and 1.3.15 they’ve changed at least their naming convention for the hash part of the stored backup file – it was md5(time()) before.

    But still, if you know the backup filename you can download it. There is no real protection whatsoever.

    And after reading the timeline of this major incident at the end of last year http://www.intelligentexploit.com/view-details.html?id=20365 I’ve decided to not ever use this software again.

    If one treats security issues like this, the nice and uncluttered interface cannot fill this kind of gap.

    PS: Btw. you really should update the client plugin now – there is a PoC in the wild!
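The weakness described in the post above is a two-part one: a backup archive name derived from md5(time()) is guessable, and the archive sits in a web-served folder, so the name alone is the only thing standing between an anonymous request and the download. The following is an added example of how a plugin could harden both parts; it is not InfiniteWP's code and does not describe what the plugin actually does. It assumes it runs inside a WordPress request, so the real WordPress functions wp_upload_dir(), current_user_can() and status_header() are available; the function names secure_backup_name, secure_backup_dir and serve_backup are hypothetical.

```php
<?php
// Added example, not InfiniteWP code. Assumes a WordPress runtime (wp_upload_dir,
// current_user_can, status_header). Function names are hypothetical.

// 1. Unguessable filename. md5(time()) yields exactly one candidate per second, so
//    anyone who knows roughly when a backup ran can enumerate it. 256 bits from the
//    CSPRNG cannot be enumerated, and the timestamp is kept only for human readability.
function secure_backup_name(string $siteSlug): string {
    $token = bin2hex(random_bytes(32));            // 64 hex chars from the CSPRNG
    return sprintf('%s-%s-%s.zip', $siteSlug, gmdate('Ymd-His'), $token);
}

// 2. Make the directory unservable. Best is a path outside the document root; when the
//    host only offers the uploads tree, deny direct access there (Apache shown; nginx
//    needs an equivalent "location" deny) and suppress directory listings.
function secure_backup_dir(): string {
    $dir = rtrim(wp_upload_dir()['basedir'], '/') . '/backups-private';
    if (!is_dir($dir)) {
        mkdir($dir, 0700, true);
    }
    $rules = "Require all denied\n"                // Apache 2.4
           . "<IfModule !mod_authz_core.c>\n"      // Apache 2.2 fallback
           . "Order deny,allow\nDeny from all\n</IfModule>\n";
    file_put_contents($dir . '/.htaccess', $rules);
    file_put_contents($dir . '/index.html', '');   // no autoindex on other servers
    return $dir;
}

// 3. Hand the file out only through an authenticated, capability-checked handler, so the
//    name is never sufficient on its own. The traversal checks keep a crafted name from
//    reaching files outside the backup directory.
function serve_backup(string $requestedName, string $dir): void {
    if (!current_user_can('manage_options')) {    // administrator-only download
        status_header(403);
        exit('Forbidden');
    }
    if ($requestedName !== basename($requestedName)) {   // bare filename only
        status_header(400);
        exit('Bad request');
    }
    $base = realpath($dir);
    $path = realpath($dir . '/' . $requestedName);
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0 || !is_file($path)) {
        status_header(404);
        exit('Not found');
    }
    header('Content-Type: application/zip');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    header('Content-Length: ' . (string) filesize($path));
    readfile($path);
    exit;
}
```

The three functions are independent layers: even if the web-server rule in step 2 is lost (a migration to nginx that ignores .htaccess, for instance), step 1 keeps the name unguessable and step 3 still requires an administrator session before anything is sent.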

Viewing 1 replies (of 1 total)
  • Plugin Author infinitewp (@infinitewp)

    Security issues are unavoidable in an open source project; this applies to WordPress, Joomla etc. All we can do is
    fix the issues and be proactive when we get notified about them. In both the cases we were. http://www.intelligentexploit.com/view-details.html?id=20365
    Though the panel is meant to be hidden, we did fix the issues and posted an update ASAP.

    Changing the naming convention was the immediate long-term fix we could do for this issue. The tool uses the backup URL for many things. So it’s not
    an easy change we could make. We are working on an option to encrypt backups too. So it’s definitely on our cards to make this even better.

    We do take security issues very seriously, that’s why we made this tool self-hosted 🙂

  • The topic ‘Poor security-handling’ is closed to new replies.