Vulnerabilty in program

  • Resolved Alta

    (@shellardee)


    6 years, 5 months ago

    We see a vulnerability in the program after your update. It appeared to try to remove the entire directory where the WordPress program is installed (WordPress in a subdirectory, wpdir). Here is the error

    [27-Oct-2017 05:16:23 UTC] All-in-One Event Calendar: rmdir(/home/mysite/public_html/wpdir): Directory not empty @
    /home/mysite/public_html/wpdir/wp-content/plugins/all-in-one-event-calendar/lib/theme/compiler.php:212

    How about securing this ASAP?

Viewing 8 replies - 1 through 8 (of 8 total)
  • Sunny Lal

    (@sunny454)

    6 years, 5 months ago

    Hi @shellardee,

    Thanks for the information. Can you let me know if you were performing an update, an installation, or a deletion of the plugin (or something else), which triggered this message?

    Thread Starter Alta

    (@shellardee)

    6 years, 5 months ago

    Nothing was done. It may be related to a mysql injection attempt attempt with another plugin that happened at the same time.

    How can I send to you that error?
    It’s pretty long and I prefer to not post it here.

    Thread Starter Alta

    (@shellardee)

    6 years, 5 months ago

    p.s. my client loves your plugin.

    Sunny Lal

    (@sunny454)

    6 years, 5 months ago

    Hi @shellardee,

    Yes, Sending the error would help.

    If you have a Timely account, you can log into your Timely account and open a ticket by clicking on the Get Help link, or click here: https://dashboard.time.ly/account/get-help.

    Thread Starter Alta

    (@shellardee)

    6 years, 5 months ago

    I created an account and got
    Get Help is only available for users with an active calendar or WordPress plugin. If you have a WordPress plugin installed and are getting this message, be sure to sign in to the Timely Network found in the Settings page of your plugin.

    Do you have an easier way?

    Sunny Lal

    (@sunny454)

    6 years, 5 months ago

    @shellardee you can send it to labs @ time.ly (remove the spaces). Thankyou again.

    Thread Starter Alta

    (@shellardee)

    6 years, 5 months ago

    Done. Hope you get it 🙂
    Thanks for your help.

    Sunny Lal

    (@sunny454)

    6 years, 5 months ago

    @shellardee I have received it. Thanks again!

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Vulnerabilty in program’ is closed to new replies.