29 Nov 2018

Report This Theme Feature of WordPress Theme Directory Doesn’t Seem to Lead To Appropriate Action When Security Vulnerability Reported

What has long seemed to us to be an obvious issue with the WordPress Plugin Directory is the lack of any mention of how to report security issues in plugins, or of a method for doing that reporting, on the pages for plugins. For the people on the WordPress side of things that doesn’t seem to be obvious, even though moderators repeatedly tell people reporting vulnerabilities through the forum that they shouldn’t be doing that (an inability to conceive that what they are doing isn’t working seems endemic among the people on the WordPress team and has led to serious issues, like websites being unnecessarily hacked). Interestingly, after running across a vulnerable WordPress theme, Hueman, a couple of weeks ago, we noticed that the Theme Directory actually has that sort of thing.

On the theme’s main page there is a “Report this theme” button in the right-hand sidebar: [Read more]

14 Nov 2018

Full Disclosure of CSRF/PHP Object Injection Vulnerability in WordPress Theme with 70,000+ Installs

With our service we cover WordPress plugins (as you might guess from our name), but not WordPress themes. There are a number of reasons for that, including the dearth of vulnerabilities being disclosed in themes, which seems to be related to the limited amount of potentially vulnerable code in them, despite it being possible for them to contain all the same types of issues as plugins. We got a reminder of that when we checked some of the most popular themes in the WordPress Theme Directory against the checks we run on changes being made to plugins as part of our proactive monitoring (which tries to catch serious vulnerabilities before they are exploited), plus a few other checks. The proactive monitoring checks didn’t pull up anything, but one of the other checks brought up the fact that the theme Hueman, which has 70,000+ active installs according to wordpress.org, contains the plugin OptionTree.

Last week we disclosed that OptionTree contains an authenticated PHP object injection vulnerability, after noticing its usage in another plugin. With the theme Hueman the situation is somewhat worse, since it isn’t even using the latest version of OptionTree, which means that it also remains vulnerable to a vulnerability that was discovered by Kacper Szurek and was fixed over two years ago. [Read more]
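The check that surfaced this (a theme bundling a copy of a plugin library, and an outdated one at that) is something a site operator can run against their own wp-content/themes directory. The script below is an added example written for this post, not the blog's own tooling or anything from the Hueman or OptionTree projects: it walks a themes directory, finds PHP files whose WordPress-style header names the bundled library, parses the `Version:` field, and flags copies below a minimum version. The minimum version is an assumption the caller supplies (the value `2.6.0` used at the bottom is a placeholder, not the actual OptionTree fix version), and the sample theme tree it builds is constructed for the demonstration.

```python
import re
import tempfile
from pathlib import Path

# Fields from the WordPress plugin header comment that this check uses.
# Header lines look like " * Plugin Name: OptionTree" inside a /** ... */ block.
HEADER_RE = re.compile(r"^[\s*/]*(Plugin Name|Version)\s*:\s*(.+?)\s*$", re.MULTILINE)


def parse_plugin_header(text):
    """Extract 'Plugin Name' and 'Version' from the header comment at the top of a file."""
    fields = {}
    for key, value in HEADER_RE.findall(text[:8192]):
        fields.setdefault(key, value)  # keep the first occurrence of each field
    return fields


def parse_version(ver):
    """Turn '2.5.0' (or '2.5') into a comparable tuple; non-numeric pieces count as 0."""
    parts = []
    for piece in ver.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def find_bundled_copies(themes_root, library_name="OptionTree"):
    """Yield (theme, relative file path, version) for every PHP file under the
    themes directory whose plugin header names the bundled library."""
    themes_root = Path(themes_root)
    for php in sorted(themes_root.rglob("*.php")):
        try:
            head = php.read_text(encoding="utf-8", errors="replace")[:8192]
        except OSError:
            continue  # unreadable file: skip rather than abort the audit
        fields = parse_plugin_header(head)
        if fields.get("Plugin Name") == library_name:
            rel = php.relative_to(themes_root)
            yield rel.parts[0], str(rel), fields.get("Version", "0")


def audit_themes(themes_root, min_version, library_name="OptionTree"):
    """Return one finding per bundled copy, flagged 'outdated' when its version
    is below the caller-supplied floor (an assumption, not a known fix version)."""
    floor = parse_version(min_version)
    return [
        {"theme": theme, "file": rel, "version": ver,
         "outdated": parse_version(ver) < floor}
        for theme, rel, ver in find_bundled_copies(themes_root, library_name)
    ]


def build_sample_tree():
    """Constructed sample: two themes, each bundling OptionTree at a different
    (made-up) version, plus an ordinary theme file that must not be flagged."""
    root = Path(tempfile.mkdtemp(prefix="themes-"))
    header = "<?php\n/**\n * Plugin Name: OptionTree\n * Version: {v}\n */\n"
    (root / "theme-a" / "option-tree").mkdir(parents=True)
    (root / "theme-a" / "functions.php").write_text("<?php // ordinary theme code\n")
    (root / "theme-a" / "option-tree" / "ot-loader.php").write_text(header.format(v="2.5.0"))
    (root / "theme-b" / "vendor" / "option-tree").mkdir(parents=True)
    (root / "theme-b" / "vendor" / "option-tree" / "ot-loader.php").write_text(header.format(v="2.7.0"))
    return root


if __name__ == "__main__":
    # "2.6.0" is a placeholder floor; substitute the version you have verified as patched.
    for finding in audit_themes(build_sample_tree(), min_version="2.6.0"):
        print(finding)
```

Point it at a real installation with `audit_themes("/var/www/html/wp-content/themes", "<patched version>")`; a bundled copy that is flagged needs either a theme update that refreshes the library or removal of the theme, since the copy inside a theme is not updated when the standalone plugin is.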