- Contains the ability to transmit data from one WordPress installation to another. A detailed security audit of the protocol used would be outside of the scope of a light-touch inspection such as this
- Appears to use unserialize() as part of the protocol. Depending on what classes are available in this plugin or other active plugins, unserialize() can lead to arbitrary code execution
- Unlinks files without checking they reside within a particular directory. Unknown if this can be exploited
- Checks for new versions via HTTP instead of HTTPS, though it seems that there’s not much a MITM attack could achieve in this case
- The plugin contains a comment which recommends disabling TLS verification “as a last resort” (this is probably a bad idea, even as a last resort): “Define RAMP_DISABLE_SSL_VERIFY as true to disable SSL certificate validation. This significantly reduces the security of SSL, but may be necessary in environments where WordPress cannot validate the production SSL certificate. Use this as a last resort if you are seeing this error: Error (-32300): transport error: http_request_failed SSL certificate problem: Invalid certificate chain”
The plugin contains or is likely to contain a vulnerability which could be exploited by a privileged user to affect the site’s confidentiality, integrity or availability in a manner exceeding their privileges:
- Use of unserialize() could potentially lead to ACE in certain situations
- Use of unlink() without checking for attempts at directory traversal
Read more about our failure criteria.
Failure criterion: Unsafe file or network IO
We conduct these inspections for our own use, and publish them in the hope that they may be useful to others. We don't guarantee that these findings are correct.
Please read this site's terms of service before taking any action based on information published here.
- Tom Adams
- Last revised: April 4, 2017
- Versions tested