• Resolved Ced

    (@cedriccharles)


    Hello there,

    First of all, thank you for your plugin. I’m using it on a website where I’m still on 6.4.x branch (6.4.17 exactly).

    Yesterday, PatchStack published a security issue with version <= 7.1.6… Right now, I can’t update because it will require a lot of work due to the changes you made on version 7+. I have to plan the update, but it’s impossible to do it in a short time period. But I want to stay as “secure” as possible…

    Is it possible to tell me/us what needs to be changed in 6.4.17 to patch this security issue?

    Kind regards,

    Cedric

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Ced

    (@cedriccharles)

    Hello there 🙂

    Is it correct that I should “only” change things in these 2 files: theme-my-login-admin.js and class-theme-my-login-admin.php?

    In theme-my-login-admin.js
    Transform this:

    $.post(ajaxurl, {
    	action: 'tml-dismiss-notice',
    	notice: notice.data('notice')
    });

    Into this:

    $.post( ajaxurl, {
    	action: 'tml-dismiss-notice',
    	notice: notice.data( 'notice' ),
    	nonce: notice.data( 'nonce' ) // read from the data-nonce attribute on the notice element
    });

    In class-theme-my-login-admin.php
    Transform this:

    <div class="notice notice-info tml-notice is-dismissible" data-notice="7">

    Into this:

    <div class="notice notice-info tml-notice is-dismissible" data-notice="7" data-nonce="<?php echo wp_create_nonce( 'version-7' ); ?>">

    Thank you in advance,

    Cedric

    • This reply was modified 3 months, 1 week ago by Ced.
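    The two snippets above only cover the client side and the notice markup; a nonce is useless unless the AJAX handler verifies it. The following is an added illustration of the server side of that change (not Theme My Login's own code). It assumes the handler is hooked to the `tml-dismiss-notice` action used in the JS, that the nonce is created with the `version-7` action used in the PHP snippet, that dismissing notices requires `manage_options`, and it stores state under a placeholder option name.

```php
<?php
// Added example, not the plugin's code. Assumptions: the AJAX action name
// 'tml-dismiss-notice' and nonce action 'version-7' come from the snippets
// posted above; 'manage_options' is the capability we require; the option
// name 'tml_dismissed_notices_example' is a placeholder.

// 1. Render the notice with a data-nonce attribute, as in the proposed
//    class-theme-my-login-admin.php change.
function tml_example_render_notice() {
	if ( ! current_user_can( 'manage_options' ) ) {
		return;
	}
	printf(
		'<div class="notice notice-info tml-notice is-dismissible" data-notice="%s" data-nonce="%s"><p>%s</p></div>',
		esc_attr( '7' ),
		esc_attr( wp_create_nonce( 'version-7' ) ),
		esc_html__( 'Example notice', 'theme-my-login' )
	);
}
add_action( 'admin_notices', 'tml_example_render_notice' );

// 2. Verify the nonce AND the capability before recording the dismissal.
function tml_example_dismiss_notice() {
	// Stops the request (HTTP 403) if the 'nonce' POST field is missing
	// or was not generated for the 'version-7' action for this user.
	check_ajax_referer( 'version-7', 'nonce' );

	// A nonce only shows the request originated from a page WordPress
	// rendered for this user; it is not an authorization check, so the
	// capability must be checked separately.
	if ( ! current_user_can( 'manage_options' ) ) {
		wp_send_json_error( 'insufficient_permissions', 403 );
	}

	$notice = isset( $_POST['notice'] ) ? sanitize_key( wp_unslash( $_POST['notice'] ) ) : '';
	if ( '' === $notice ) {
		wp_send_json_error( 'missing_notice', 400 );
	}

	$dismissed            = (array) get_option( 'tml_dismissed_notices_example', array() );
	$dismissed[ $notice ] = time();
	update_option( 'tml_dismissed_notices_example', $dismissed );

	wp_send_json_success( array( 'notice' => $notice ) );
}
add_action( 'wp_ajax_tml-dismiss-notice', 'tml_example_dismiss_notice' );
```

    The point of the pairing is that the JS change (sending `nonce`) and the markup change (emitting `data-nonce`) do nothing on their own; the `check_ajax_referer()` call in the handler is what rejects requests that lack a valid nonce, and the `current_user_can()` check is what keeps a logged-in non-admin from dismissing admin notices.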
    Plugin Author Jeff Farthing

    (@jfarthing84)

    The “vulnerability” (that allows a non-admin user to dismiss new TML extension notices – hardly a vulnerability) did not exist in versions before 7, and has been patched in 7.1.7.
