
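<?php // NinjaFirewall's dropins.php ~ Do not delete this file!
/**
 * Virtual-patch rules evaluated when this drop-in is included.
 *
 * Each rule recognises a request aimed at one specific plugin entry point and,
 * on a match, logs it through nfw_log2() and ends the request through
 * nfw_dropin_block(). Action names are compared as SHA-1 digests, so the plain
 * action names are not readable from this file. The level (3) and the numeric
 * rule ids are handed to nfw_log2() unchanged; their meaning is defined outside
 * this file.
 *
 * Everything read from $_REQUEST, $_GET, $_POST, $_SERVER and php://input is
 * attacker-controlled and may be an array instead of a string. Values are
 * therefore type-checked before they reach sha1(), stripos(), explode() or
 * string interpolation, and security decisions use strict comparisons.
 *
 * NOTE(review): log messages embed raw request data. Confirm that nfw_log2()
 * neutralises control characters and markup before the entry is stored or shown.
 */
if ( ! defined( 'NFW_ENGINE_VERSION' ) ) {
    die( 'Forbidden' );
}
// No request filtering when running under WP-CLI.
if ( defined( 'WP_CLI' ) && WP_CLI ) {
    return;
}

// Normalised once: an unset or non-string REQUEST_URI is treated as empty.
$nfw_uri = ( isset( $_SERVER['REQUEST_URI'] ) && is_string( $_SERVER['REQUEST_URI'] ) )
    ? $_SERVER['REQUEST_URI']
    : '';

// ---------------------------------------------------------------------------
// Rules that apply to everyone except super admins.
// ---------------------------------------------------------------------------
if ( ! is_super_admin() ) {

    // A non-string `action` cannot hash to any digest below, so it is skipped
    // instead of being passed to sha1().
    if ( isset( $_REQUEST['action'] ) && is_string( $_REQUEST['action'] ) ) {
        $nfw_act_hash = sha1( $_REQUEST['action'] );
        $nfw_act_msg  = "REQUEST:action = {$_REQUEST['action']}";

        if ( in_array( $nfw_act_hash, array( 'e0e4089a3e2a49463907e6e3b896bbd8f68b01cb', '205d3c42a8ac01d53416d6dea0af62b225262428' ), true ) ) {
            nfw_dropin_block( $nfw_act_msg, 3, 1624 );

        } elseif ( $nfw_act_hash === 'c70d6d03839a95ef3a3acc088c67a69a0fce6aa3' ) {
            // Allowed only when the caller may delete the referenced post.
            if ( isset( $_POST['membershipid'] ) && nfw_dropin_can_delete_post( $_POST['membershipid'] ) === false ) {
                nfw_dropin_block( $nfw_act_msg, 3, 1626 );
            }

        } elseif ( $nfw_act_hash === '1090835a56ce389cedc3ef268ebcb45c59d6dba9' ) {
            nfw_dropin_block( $nfw_act_msg, 3, 1627 );

        } elseif ( in_array( $nfw_act_hash, array( 'f8182d759d82f2d390c086a94fd4132abc88eeb7', '65e3caa6ed411246bf5b70df49e666b0fe3e20e2' ), true ) ) {
            nfw_dropin_block( $nfw_act_msg, 3, 1625 );
        }
    }

    // uListing delete/draft endpoint: a POST is let through only when the JSON
    // body names the current user and that user may edit the listing.
    if ( isset( $_SERVER['REQUEST_METHOD'] ) && $_SERVER['REQUEST_METHOD'] === 'POST'
        && preg_match( '`1/api/ulisting-user/(?:deletelisting|draft_or_delete)`i', urldecode( $nfw_uri ) )
    ) {
        $nfw_body = json_decode( (string) file_get_contents( 'php://input' ), true );

        // Accept user_id only as a positive integer (or an all-digit string) and
        // compare it strictly, so no other JSON type can be coerced into a match.
        $nfw_uid = ( is_array( $nfw_body ) && isset( $nfw_body['user_id'] ) ) ? $nfw_body['user_id'] : null;
        if ( is_string( $nfw_uid ) && preg_match( '/^[0-9]+$/D', $nfw_uid ) ) {
            $nfw_uid = (int) $nfw_uid;
        }

        if ( is_int( $nfw_uid ) && $nfw_uid > 0 && $nfw_uid === (int) get_current_user_id() ) {
            // A missing listing_id is passed as 0, as the original cast did.
            $nfw_listing = isset( $nfw_body['listing_id'] ) ? $nfw_body['listing_id'] : 0;
            if ( nfw_dropin_can_edit_post( $nfw_listing ) === true ) {
                // NOTE(review): this leaves the whole drop-in, so none of the rules
                // below run for an allowed request. Confirm that is intended.
                return;
            }
        }
        nfw_dropin_block( "REQUEST_URI = {$nfw_uri}", 3, 1603 );
    }
}

// ---------------------------------------------------------------------------
// Rules that apply to every request, super admins included.
// ---------------------------------------------------------------------------

// WooCommerce / WooCommerce Blocks older than 5.5.1: collection-data route,
// reached either through the URI or through the rest_route parameter.
// A rest_route that is present but not a string counts as a match (fail closed).
$nfw_route_hit = isset( $_REQUEST['rest_route'] )
    && ( ! is_string( $_REQUEST['rest_route'] )
        || stripos( $_REQUEST['rest_route'], '/wc/store/products/collection-data' ) !== false );

if ( $nfw_route_hit || stripos( $nfw_uri, '/wc/store/products/collection-data' ) !== false ) {
    if ( nfw_dropin_isvulnplugin( 'woocommerce/woocommerce.php', '5.5.1' ) === true
        || nfw_dropin_isvulnplugin( 'woo-gutenberg-products-block/woocommerce-gutenberg-products-block.php', '5.5.1' ) === true
    ) {
        nfw_dropin_block( "REQUEST_URI = {$nfw_uri}", 3, 1604 );
    }
}

// woocommerce-jetpack older than 5.4.4: any request carrying wcj_user_id.
// nfw_dropin_isvulnplugin() already checks that the plugin file exists.
if ( isset( $_GET['wcj_user_id'] )
    && nfw_dropin_isvulnplugin( 'woocommerce-jetpack/woocommerce-jetpack.php', '5.4.4' ) === true
) {
    nfw_dropin_block( 'GET:wcj_user_id = ' . nfw_dropin_to_string( $_GET['wcj_user_id'] ), 3, 1605 );
}

// wpcargo: move a non-empty includes/barcode.php aside and leave an empty file
// in its place. The size test keeps this from re-running on the empty stub.
// NOTE(review): the copy stays inside the plugin directory as
// barcode.php_VULNERABLE. Confirm the web server neither executes nor serves it.
$nfw_barcode = WP_PLUGIN_DIR . '/wpcargo/includes/barcode.php';
if ( file_exists( $nfw_barcode ) && filesize( $nfw_barcode ) > 1 ) {
    rename( $nfw_barcode, $nfw_barcode . '_VULNERABLE' );
    touch( $nfw_barcode );
}

// Base64 payload in extraData[content]: block when the decoded data looks like a
// serialized PHP object. This is a heuristic signature, not a substitute for
// updating the affected plugin.
if ( isset( $_POST['extraData']['content'] ) && is_string( $_POST['extraData']['content'] ) ) {
    $nfw_parts = explode( ';base64,', $_POST['extraData']['content'] );
    // Without the ';base64,' marker there is no payload part to inspect.
    if ( isset( $nfw_parts[1] ) ) {
        $nfw_data = base64_decode( $nfw_parts[1] );
        if ( preg_match( '/\b[OC]:\d+:"[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*":\d+:{.*?}/', $nfw_data ) ) {
            nfw_dropin_block( "POST:extraData:content = PHP Object Injection", 3, 1606 );
        }
    }
}

// Any request carrying this parameter is blocked, whatever its value.
if ( isset( $_REQUEST['NF_Admin_Processes_ImportForm::startup'] ) ) {
    nfw_dropin_block(
        'NF_Admin_Processes_ImportForm::startup = ' . nfw_dropin_to_string( $_REQUEST['NF_Admin_Processes_ImportForm::startup'] ),
        3,
        1607
    );
}

/**
 * Log a blocked request and terminate.
 *
 * @param string $message Description of what matched; may contain request data.
 * @param int    $level   Passed through to nfw_log2().
 * @param int    $rule    Rule id, passed through to nfw_log2().
 */
function nfw_dropin_block( $message, $level, $rule ) {
    nfw_log2( 'WP vulnerability', $message, $level, $rule );
    exit( "Error: please contact the administrator." );
}

/**
 * Render a request value for a log message without an array-to-string notice.
 *
 * @param mixed $value Request value, string or array.
 * @return string The value as a string, or 'Array' for an array.
 */
function nfw_dropin_to_string( $value ) {
    return is_array( $value ) ? 'Array' : (string) $value;
}

/**
 * Tell whether the current user may edit the given post.
 *
 * Only the 'page' and 'post' types are checked; any other result of
 * get_post_type(), including a failed lookup, returns true.
 * NOTE(review): custom post types are therefore not covered by this check.
 * Confirm that is intended.
 *
 * @param mixed $postid Post id; arrays and objects are rejected.
 * @return bool False when the post is a page/post the user cannot edit.
 */
function nfw_dropin_can_edit_post( $postid ) {
    if ( is_array( $postid ) || is_object( $postid ) ) {
        return false;
    }
    // Cast once so the type lookup and the capability check see the same id.
    $id   = (int) $postid;
    $type = get_post_type( $id );

    if ( ( $type === 'page' || $type === 'post' ) && ! current_user_can( "edit_{$type}", $id ) ) {
        return false;
    }
    return true;
}

/**
 * Tell whether the current user may delete the given post.
 *
 * Same coverage as nfw_dropin_can_edit_post(): only 'page' and 'post' are
 * checked, every other type returns true.
 *
 * @param mixed $postid Post id; arrays and objects are rejected.
 * @return bool False when the post is a page/post the user cannot delete.
 */
function nfw_dropin_can_delete_post( $postid ) {
    if ( is_array( $postid ) || is_object( $postid ) ) {
        return false;
    }
    // Cast once so the type lookup and the capability check see the same id.
    $id   = (int) $postid;
    $type = get_post_type( $id );

    if ( ( $type === 'page' || $type === 'post' ) && ! current_user_can( "delete_{$type}", $id ) ) {
        return false;
    }
    return true;
}

/**
 * Tell whether an installed plugin is older than a given version.
 *
 * @param string $slug    Plugin main file, relative to WP_PLUGIN_DIR.
 * @param string $version First version that is no longer considered vulnerable.
 * @return bool True when the file exists and its Version header is lower.
 */
function nfw_dropin_isvulnplugin( $slug, $version ) {
    $file = WP_PLUGIN_DIR . "/$slug";
    if ( ! file_exists( $file ) ) {
        return false;
    }
    // get_plugin_data() is loaded on demand from wp-admin when not yet defined.
    if ( ! function_exists( 'get_plugin_data' ) ) {
        require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
    }
    $info = get_plugin_data( $file );

    return version_compare( $info['Version'], $version, '<' );
}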