We will explain how to directly edit plug-ins and other plug-ins to close vulnerabilities in WordPress plug-ins without updating the plug-ins.
Coding and patching WordPress vulnerabilities directly
WordPress vulnerabilities are generally patched by the creator of the plugin or theme and updates are released, so you can close them by adapting the updates.
However, for some reasons, plug-ins cannot be deployed or patched because they are no longer under development, and depending on the PHP version and WordPress version, the update may cause the plug-in to malfunction.
In these cases, it is one thing to look for an alternative plugin, but it is also possible to directly edit the PHP code of the plugin, etc. to plug the vulnerability.
This case study and methodology will be presented here.
Let’s try to directly close the CVE-2020-25213 vulnerability in the File Manager plugin, which affected 700,000 sites.
Vulnerability information is available here → https://nvd.nist.gov/vuln/detail/CVE-2020-25213
In order to close the vulnerability, you need to know about it and understand what kind of vulnerability it is. I googled this vulnerability and found the following information online.
700,000 WordPress Users Affected by Zero-Day Vulnerability in File Manager Plugin
The vulnerability in CVE-2020-25213 appears to be the following
1 Arbitrary files can be uploaded by hackers to the wp-content/plugins/wp-file-manager/lib/files/ folder
2 The vulnerability is contained in the public function run() function of the file connector.minimal.php, which is left unused in the File Manager plugin
3 If malicious code is planted in this uploaded executable file, an arbitrary program could be executed on the server by a hacker with access to that file.
Since it is stated that this run function in connector.minimal.php is not used by the plugin, it means that to close the vulnerability, this function should not be able to be executed.
public function run() { return; //end the process without doing anything $isPost = $this->reqMethod === 'POST'; $src = $isPost ? array_merge($_GET, $_POST) : $_GET; $maxInputVars = (! $src || isset($src['targets'])) ? ini_get('max_input_vars') : null; ....
This example shows the simplest patchable example, but some vulnerabilities are manifested in complex processes through multiple functions in plugins and themes.
To patch such vulnerabilities directly requires considerable skill and knowledge of the vulnerability, investigation and understanding of how the function is executed, and testing in a secure test environment after the vulnerability is patched.
Therefore, closing individual vulnerabilities is often an extremely difficult task.
For vulnerability scanning and malware removal, please use the [Free] WordPress: Malware Scanning & Security Plug-in [Malware and Virus Detection and Removal].