wordpress-mobile-pack icon indicating copy to clipboard operation
wordpress-mobile-pack copied to clipboard
verified publisher icon rock-solid

Sec Issue with Plugin

Open EarthTek opened this issue 5 years ago • 0 comments

Just mentioning our server blocked access via ModSec firewall. More for future. We opted out using it but hope yall fix this.

Heres the serverside message of the block:

msg "COMODO WAF: Information disclosure vulnerability in the WordPress Mobile Pack plugin before 2.0.2 for WordPress (CVE-2014-5337) ModSecurity: Access denied with code 403 (phase 2). Match of "rx eq 0" against "&ARGS:callback" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6350"] [id "222220"] [rev "1"] [msg "COMODO WAF: Information disclosure vulnerability in the WordPress Mobile Pack plugin before 2.0.2 for WordPress (CVE-2014-5337)|

EarthTek avatar Sep 25 '20 22:09 EarthTek