https://www.pluginvulnerabilities.com/2017/09/08/cross-site-request-forgery-csrfphp-object-injection-vulnerability-in-backupbuddy/

Back in June we introduced a new feature to the service where we are proactively monitor changes made to plugins to try to catch serious vulnerabilities in plugins. To do that we first identify possible vulnerable code running a series of regular expressions over the changes being made to plugins in the Plugin Directory and then we manually check over

Share This