I want to warn you about security vulnerabilities in WordPress Attack
Scanner plugin for WordPress.
These are Information Leakage vulnerabilities. This is security plugin. In
my 63 advisories about different vulnerabilities in WordPress plugins
(http://websecurity.com.ua/3397/) I've wrote about security plugins many
times. Previous time it was plugin Wordfence Security.
-------------------------
Affected products:
-------------------------
Vulnerable are all versions of WordPress Attack Scanner - both Free and Pro
(commercial) versions of the plugin. Checked in WP-Attack-Scanner-Free
0.9.5.beta.
----------
Details:
----------
Information Leakage (WASC-13):
http://site/wp-content/plugins/path/data.txt
http://site/wp-content/plugins/path/archive.txt
Folder "path" can be WP-Attack-Scanner or WP-Attack-Scanner-Free.
Unrestricted access to the data - they can be accessed in the browser
without authorization. Even the data is encrypted, but by default the
password is "changepassword". If the password was not changed, then the data
is easily decrypting. If it was changed, then the password can be picked up.
------------
Timeline:
------------
2012.10.29 - announced at my site.
2012.11.03 - informed developers (at one e-mail).
2012.11.04 - informed developers (at another e-mail).
2013.01.29 - disclosed at my site (http://websecurity.com.ua/6120/).
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information