
Security Advisory – Vulnerabilities in Pagelines/Platform theme for WordPress


faustus501

Hi Pagelines,

 

I have received an email from a client's host saying their site has been compromised and that the attacker may have exploited a vulnerability in the Platformpro theme;

 

How has this happened?

 

Upon inspecting the access logs, it seems that the attacker may have exploited a vulnerability in the Platformpro theme in your WordPress site. Please see the below access log snippet for proof:

#########

87.255.57.161 - - [24/Jan/2015:12:39:29 +1100] "POST /wp-content/themes/platformpro/sections/sidebars/section.sb_universal.php HTTP/1.1" 200 196 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"

#########

 

They also give a reference;

 

Reference: https://thetechplex.com/security-issues/security-advisory-vulnerabilities-in-pagelinesplatform-theme-for-wordpress/

 

Their recommendation is to update the theme, though as far as I can tell the theme is up to date.

 

The site in question is http://circusfactory.com.au/

 

Are you aware of this issue? If so, is there an update or patch that can resolve this?

 

Many thanks

 

Justin

Simon

Yes we are aware of it.

That post is a copy of this, the original post: http://blog.sucuri.net/2015/01/security-advisory-vulnerabilities-in-pagelinesplatform-theme-for-wordpress.html

 

We released a patch plugin and updated all updated themes.

There is a post in this forum, a blog post on our site and we emailed all customers who bought any affected theme.

 

It looks like the theme on that page is already at the patched version of 1.6.2

faustus501

Thanks Simon,

 

Don't know why they are saying it's the theme if it's updated to the latest version that specifically addresses the issue.

Simon

Depends when you updated it.

You may have been already infected before you updated.

You may be infected by some other means.

The whole server might be infected.

 

That snippet of log doesn't mean anything; it just shows that the sidebar file was accessed via a browser.

faustus501

Thanks, pretty sure I have got rid of all offending files so should be ok now
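
Added example, not part of the original thread and not PageLines' code: a log triage sketch for the kind of entry the host quoted, listing direct POST requests to theme PHP files and tagging each as before or after the theme update. The function name, the sample lines other than the first, and the update time are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Apache/nginx "combined" access log line.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+')
# Theme PHP files are normally loaded by WordPress itself, so a direct
# POST to one is a request worth reviewing.
THEME_PHP_RE = re.compile(r'^/wp-content/themes/[^/]+/.+\.php(?:\?|$)', re.I)

def direct_theme_posts(lines, theme_updated_at):
    """Return direct POSTs to theme PHP files, tagged against the update time."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST" or not THEME_PHP_RE.match(m["path"]):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits.append({
            "time": ts, "ip": m["ip"], "status": int(m["status"]),
            "path": m["path"].split("?", 1)[0],
            "when": "before-update" if ts < theme_updated_at else "after-update",
        })
    return hits

# First line is the one quoted in the thread; the rest are constructed samples.
SAMPLE_LOG = [
    '87.255.57.161 - - [24/Jan/2015:12:39:29 +1100] "POST /wp-content/themes/platformpro/sections/sidebars/section.sb_universal.php HTTP/1.1" 200 196 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"',
    '203.0.113.7 - - [24/Jan/2015:12:40:02 +1100] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [24/Jan/2015:12:41:10 +1100] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [27/Jan/2015:03:15:44 +1100] "POST /wp-content/themes/platformpro/sections/sidebars/section.sb_universal.php HTTP/1.1" 200 196 "-" "Mozilla/5.0"',
]
# Constructed placeholder: replace with the time the theme was actually updated.
THEME_UPDATED_AT = datetime(2015, 1, 26, 9, 0, tzinfo=timezone(timedelta(hours=11)))

if __name__ == "__main__":
    for h in direct_theme_posts(SAMPLE_LOG, THEME_UPDATED_AT):
        print(h["time"].isoformat(), h["ip"], h["status"], h["when"], h["path"])
```

A hit tagged before-update gives a starting time for checking which files on the site changed afterwards; a hit on its own does not show what the request did.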

