CVE-2018-6195: Changeset 1807349 for wp-splashing-images – WordPress Plugin Repository
admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin (wp-splashing-images) before 2.1.1 for WordPress allows authenticated (administrator, editor, or author) remote attackers to conduct PHP Object Injection attacks via crafted serialized data in the ‘session’ HTTP GET parameter to wp-admin/upload.php.
Timestamp:
01/22/2018 07:29:38 PM
Author:
janhenckens
Message:
Security update
Location:
wp-splashing-images/trunk
Files:
- README.txt (2 diffs)
- admin/partials/wp-splashing-admin-main.php (1 diff)
- admin/partials/wp-splashing-admin-sidebar.php (1 diff)
- wp-splashing-images.php (1 diff)
wp-splashing-images/trunk/README.txt
r1799926
r1807349
5
5
Requires at least: 4.0
6
6
Tested up to: 4.9.1
7
Stable tag: 2.1.0
7
Stable tag: 2.1.1
8
8
License: GPLv2 or later
9
9
License URI: http://www.gnu.org/licenses/gpl-2.0.html
…
…
33
33
\== Changelog ==
34
34
35
\= 2.1.1 =
36
\* Fixed 2 security issues
37
35
38
\= 2.1 =
36
39
\* Updated unsplash library and use the new download function
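Review bot: the changelog entry "* Fixed 2 security issues" under "= 2.1.1 =" does not say what was fixed, so site owners cannot judge urgency from the release notes. The other hunks in this changeset show both fixes, so an entry such as "* Fixed PHP object injection via the session parameter on the admin page and unescaped output of the search parameter in the sidebar; please update" would let operators and vulnerability scanners match the release to the issue.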
wp-splashing-images/trunk/admin/partials/wp-splashing-admin-main.php
r1799926
r1807349
20
20
</h1>
21
21
<?php if($\_GET\['session'\]) {
22
23
$data = unserialize(base64\_decode($\_GET\['session'\]));
22
$data = unserialize(base64\_decode($\_GET\['session'\]), \['allowed\_classes' => false\]);
24
23
$this->unsplash->saveTokens($data\['token'\]);
25
24
$user = $this->unsplash->getUser(); ?>
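Review bot: passing ['allowed_classes' => false] stops unserialize() from instantiating attacker-chosen classes, but that option only exists from PHP 7.0, and nothing in the hunk guards against older interpreters, so the plugin should either declare a minimum PHP version or check PHP_VERSION before relying on it. On the same lines, the value is still user-controlled input fed to unserialize(); since only $data['token'] is read, a non-object format such as json_decode(..., true) would remove the deserialization sink altogether. $data is also indexed without confirming that unserialize() returned an array (it returns false on malformed input), so a guard like `if ( ! is_array( $data ) || empty( $data['token'] ) ) { wp_die( 'Invalid session data' ); }` before saveTokens() is warranted. Finally, `if($_GET['session'])` reads an undefined index when the parameter is absent; `! empty( $_GET['session'] )` avoids the notice.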
wp-splashing-images/trunk/admin/partials/wp-splashing-admin-sidebar.php
r1675965
r1807349
7
7
<form id="splashing-search" method="get" action="<?php echo esc\_url(admin\_url('admin-post.php')); ?>">
8
8
<label class="screen-reader-text" for="post-search-input">Search Posts:</label>
9
<input type="search" id="post-search-input-splashing" name="search" value="<?php echo $\_GET\['search'\]; ?>" placeholder="<?php \_e('Search unsplash.com', 'wp-splashing-images'); ?>">
9
<input type="search" id="post-search-input-splashing" name="search" value="<?php echo sanitize\_title\_for\_query($\_GET\['search'\]); ?>" placeholder="<?php \_e('Search unsplash.com', 'wp-splashing-images'); ?>">
10
10
<input type="hidden" name="action" value="wp\_splashing\_search">
11
11
<input type="hidden" name="paged" value="1">
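Review bot: sanitize_title_for_query() is a slug sanitizer rather than an output escaper: through sanitize_title() it strips tags and most punctuation, lower-cases the string and turns whitespace into hyphens, so while the change does close the reflected XSS in the value attribute, it also rewrites what the user typed (a search for "New York" would be redisplayed as "new-york"). The WordPress function for attribute context is esc_attr(): `value="<?php echo esc_attr( wp_unslash( isset( $_GET['search'] ) ? $_GET['search'] : '' ) ); ?>"` escapes the attribute without altering the visible text and avoids the undefined-index notice when the parameter is missing. The placeholder on the same line uses _e(), whose output is not escaped; esc_attr_e() is the attribute-safe form.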
wp-splashing-images/trunk/wp-splashing-images.php
r1799926
r1807349
17
17
\* Plugin URI: http://studioespresso.co
18
18
\* Description: Unsplash.com), right in your dashboard. Add photos with one click and use them in your content right away.
19
\* Version: 2.1.0
19
\* Version: 2.1.1
20
20
\* Author: Studio Espresso
21
21
\* Author URI: http://studioespresso.co
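Review bot: the version bump to 2.1.1 is fine, but two things in this header block deserve attention. The admin-main fix depends on a PHP 7.0-only unserialize() option and nothing here records a minimum PHP version, so a reader of the header cannot tell that the protection is conditional on the interpreter. The unchanged Description line reads "Unsplash.com), right in your dashboard.", which looks truncated and could be corrected in the same commit.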