Security Issue – Unsanitized Input Causes Fatal Error | WordPress.org

MT
(@micheletenaglia)

4 months, 1 week ago

Hi Emili,
I discovered a security issue in DK PDF that causes fatal errors when malformed input is received in the PDF parameter.

Issue
The plugin crashes when receiving characters like backslashes or quotes in the pdf query parameter. In Generator.php line 26, get_query_var('pdf') is used directly without sanitization before being passed to ContextManager::setupContext().

Error received
PHP Fatal error: Uncaught Exception: Unknown archive type: 391315’\ in /wp-content/plugins/dk-pdf/modules/PDF/ContextManager.php:195

The malformed parameter pdf=391315\' causes the ContextManager to misinterpret a numeric post ID as an archive type string.

Impact
While this appears to be caused by bots/scanners, it exposes sites to potential DoS attacks through malformed requests.

Could you provide an email address where I can send you the complete stack trace privately?

Thanks for your work on this plugin!

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author dinamiko
(@dinamiko)

4 months, 1 week ago
Hello @micheletenaglia,

Thank you for letting me know about the issue, you can contact me at hi@dinamiko.dev
- This reply was modified 4 months, 1 week ago by dinamiko.
Thread Starter MT
(@micheletenaglia)

4 months, 1 week ago

Email sent, thank you.

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

2 replies
2 participants
Last reply from: MT
Last activity: 4 months, 1 week ago
Status: not resolved