The security of Romanian WordPress-based blogs

I was curious, I ran some tests, and the results are damn sad.

https://vox.space/blog/93/sad-state-of-romanian-wordpress-blogs

If you have any suggestions … I have a few, but I don't think the “owners of the blogs in question” would appreciate them. Or whoever dusts them off.

Later edit: I have updated the statistics; the data can be downloaded in csv, xls and sql format.

The XML-RPC thing is the most important one. I learned it “the hard way” when I had the server flooded on a friend's domain that didn't even have much traffic.

25 posts were split to a new topic: WordPress vs static generators

http://blog.emag.ro/readme.html

WordPress 4.3 (released in August 2015) … no further comment. And we talk about OOP, frameworks, CloudFront, AI, data learning, big data. Fantasies, friends. Fantasies.

WordPress <= 4.3 - Authenticated Shortcode Tags Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/8186
Reference: https://wordpress.org/news/2015/09/wordpress-4-3-1/
Reference: http://blog.checkpoint.com/2015/09/15/finding-vulnerabilities-in-core-wordpress-a-bug-hunters-trilogy-part-iii-ultimatum/
Reference: http://blog.knownsec.com/2015/09/wordpress-vulnerability-analysis-cve-2015-5714-cve-2015-5715/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5714

WordPress <= 4.3 - User List Table Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/8187
Reference: https://wordpress.org/news/2015/09/wordpress-4-3-1/
Reference: https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7989

WordPress <= 4.3 - Publish Post and Mark as Sticky Permission Issue
Reference: https://wpvulndb.com/vulnerabilities/8188
Reference: https://wordpress.org/news/2015/09/wordpress-4-3-1/
Reference: http://blog.checkpoint.com/2015/09/15/finding-vulnerabilities-in-core-wordpress-a-bug-hunters-trilogy-part-iii-ultimatum/
Reference: http://blog.knownsec.com/2015/09/wordpress-vulnerability-analysis-cve-2015-5714-cve-2015-5715/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5715

WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/8358
Reference: https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/
Reference: https://github.com/WordPress/WordPress/commit/7ab65139c6838910426567849c7abed723932b87
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1564

WordPress 3.7-4.4.1 - Local URIs Server Side Request Forgery (SSRF)
Reference: https://wpvulndb.com/vulnerabilities/8376
Reference: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
Reference: https://core.trac.wordpress.org/changeset/36435
Reference: https://hackerone.com/reports/110801
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222

WordPress 3.7-4.4.1 - Open Redirect
Reference: https://wpvulndb.com/vulnerabilities/8377
Reference: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
Reference: https://core.trac.wordpress.org/changeset/36444
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221

WordPress <= 4.4.2 - SSRF Bypass using Octal & Hexedecimal IP addresses
Reference: https://wpvulndb.com/vulnerabilities/8473
Reference: https://codex.wordpress.org/Version_4.5
Reference: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049

WordPress <= 4.4.2 - Reflected XSS in Network Settings
Reference: https://wpvulndb.com/vulnerabilities/8474
Reference: https://codex.wordpress.org/Version_4.5
Reference: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9

WordPress <= 4.4.2 - Script Compression Option CSRF
Reference: https://wpvulndb.com/vulnerabilities/8475
Reference: https://codex.wordpress.org/Version_4.5

WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/8488
Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
Reference: https://github.com/WordPress/WordPress/commit/a493dc0ab5819c8b831173185f1334b7c3e02e36
Reference: https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567

WordPress 4.2-4.5.1 - Pupload Same Origin Method Execution (SOME)
Reference: https://wpvulndb.com/vulnerabilities/8489
Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
Reference: https://github.com/WordPress/WordPress/commit/c33e975f46a18f5ad611cf7e7c24398948cecef8
Reference: https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e
Reference: http://avlidienbrunn.com/wp_some_loader.php
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4566

Later edit: http://blog.f64.ro/readme.html (WordPress 4.4, December 2015)

http://blog.f64.ro/wp-content/debug.log

I'm kind of losing hope …

Hope for what?

Hope that Romanians actually know what they're doing. I get the feeling it's all tutorials and guesswork.

The explanation for missing or late WordPress updates (not that it matters) is “if I update, the theme might break”. Which is exactly what you said above: guesswork and tutorials.

For bloggers, maybe. But for big companies, blogs are something tertiary. Do you think eMag assigns a developer to look after the blog? With the number of campaigns they run, the blog is probably last on the to-do list.

Maybe so, but they don't need to do much either: there is auto-update for core, and via Jetpack for plugins too.

I completely agree with you, and that is exactly the problem, that we both think this way. With the number of campaigns they run, they should have an intern paid 2 million a month to press the “Update” button. That's it.

Later edit: Not to mention the other options, as @GeorgeG also says.

@voxspace Before posting the list of blogs that aren't up to date, I assume you e-mailed them and they fixed the problems before you made them public, right? :sunny:

It is not ethical to post each blog directly with links to the vulnerabilities and the WP version they have installed (even if it is something trivial from your perspective).

Why? A “script kiddie” picks them up nicely and runs wild.

The data should have been anonymised.

@dakull

I'm not interested in the well-being of mankind, or of anyone in general; I'm not a security researcher, I don't make money from this, don't give a shit about it.

If you move in this industry and have no clue about security, you are taking on a big risk. I'm not doing a risk assessment, I'm just showing that people have no idea what they are doing.

I have about 15 other posts in draft about things like this; it is simply not worth the hassle to contact people who probably aren't interested in what I have to say.

And at the end of the day, life is too short.

Later edit: What is ethical is treating your readers with respect and not turning your blog into a botnet.

First site I've seen with its .htaccess out in the open:

http://www.bunescu.ro/.htaccess
http://www.bunescu.ro/wp-content/uploads/.htaccess
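The exposures raised in this thread (readme.html revealing the version, wp-content/debug.log, a readable .htaccess, and a floodable xmlrpc.php) can all be closed at the web server. The rules below are an added example, not from the thread or any of its participants; they assume Apache 2.4 with `AllowOverride` permitting these directives in the site's document-root .htaccess, and default WordPress file names.

```apache
# Added example: WordPress hardening rules for Apache 2.4 (document-root .htaccess).
# Assumes default WordPress paths and that AllowOverride allows these directives.

# Deny direct requests for Apache dotfiles (.htaccess, .htpasswd), wherever they sit.
<FilesMatch "^\.ht">
    Require all denied
</FilesMatch>

# Deny the version-disclosing readme/license files and any debug.log
# (the real fix for debug.log is WP_DEBUG_LOG left off in production wp-config.php;
# this rule is the safety net for when it is not).
<FilesMatch "^(readme\.html|license\.txt|debug\.log)$">
    Require all denied
</FilesMatch>

# Block XML-RPC, the flooding vector mentioned in the thread.
# Caveat: Jetpack (also mentioned in the thread) talks to the site over XML-RPC,
# so sites relying on it must allow-list Automattic's addresses here instead of
# denying everyone.
<Files "xmlrpc.php">
    Require all denied
</Files>

# Stop Apache from listing directories such as wp-content/uploads.
Options -Indexes
```

Verify the result from outside with plain requests for /readme.html, /wp-content/debug.log, /.htaccess and /xmlrpc.php against your own site; each should now return 403 rather than content.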