Project: Wordpress Plugin WP-Stateless – Google Cloud Storage 2.3.2

Vulnerability: #9253670 (2020-04-26 11:14:03)

Warning

Many findings are false positives or are not exploitable. Please create a working "PoC" exploit before reporting anything to the vendor!

Details:

Sink: Standard::is_readable
Risk: _ENV
/home/redeemer/phpsourcerer/src/PhpSourcerer/Simulator/Stubs/Standard.php:110
Threat level: 0

Callstack:

wpCloud\StatelessMedia\Settings::refresh /wp-stateless/lib/classes/class-settings.php:235
215                  /* Path is correct. Do nothing */
216                  break;
217                /* Look using WP root. */
218                case (file_exists( ABSPATH . $key_file_path ) ):
219                  $key_file_path = ABSPATH . $key_file_path;
220                  break;
221                /* Look in wp-content dir */
222                case (file_exists( WP_CONTENT_DIR . $key_file_path ) ):
223                  $key_file_path = WP_CONTENT_DIR . $key_file_path;
224                  break;
225                /* Look in uploads dir */
226                case (file_exists( wp_normalize_path( $upload_dir[ 'basedir' ] ) . '/' . $key_file_path ) ):
227                  $key_file_path = wp_normalize_path( $upload_dir[ 'basedir' ] ) . '/' . $key_file_path;
228                  break;
229                /* Look using Plugin root */
230                case (file_exists(ud_get_stateless_media()->path( $key_file_path, 'dir') ) ):
231                  $key_file_path = ud_get_stateless_media()->path( $key_file_path, 'dir' );
232                  break;
233  
234              }
235 if(is_readable($key_file_path)) {
236 $this->set( 'sm.key_json', file_get_contents($key_file_path) ); 237 if(defined('WP_STATELESS_MEDIA_KEY_FILE_PATH'))
wpCloud\StatelessMedia\Settings::__construct /wp-stateless/lib/classes/class-settings.php:71
51        public function __construct() {
52  
53          add_action('admin_menu', array( $this, 'admin_menu' ));
54  
55          
56          $this->save_media_settings();
57          
58  
59          /* Add 'Settings' link for SM plugin on plugins page. */
60          $_basename = plugin_basename( ud_get_stateless_media()->boot_file );
61  
62          parent::__construct( array(
63            'store'       => 'options',
64            'format'      => 'json',
65            'data'        => array(
66              'sm' => array()
67            )
68          ));
69          
70          // Setting sm variable
71 $this->refresh();
72 73 /**
wpCloud\StatelessMedia\Bootstrap::redirect_to_splash /wp-stateless/lib/classes/class-bootstrap.php:1306
1286         * 
1287         * Delete table when blog is deleted.
1288         */
1289        public function wp_delete_site($old_site){ // Drops the per-site `sm_sync` table of the site passed in; the only field read from $old_site is ->id.
1290          global $wpdb;
1291          
1292          switch_to_blog( $old_site->id ); // Switch blog context first so that $wpdb->prefix below refers to the site being deleted, not the current one.
1293          $table_name = $wpdb->prefix . 'sm_sync';
1294          
1295          $sql = "DROP TABLE IF EXISTS $table_name"; // Table name is interpolated, not bound: its parts here are $wpdb->prefix and a literal suffix, so no request data reaches this statement in this method.
1296          $wpdb->query($sql); // Return value is not checked; a failed DROP is not reported by this method.
1297          restore_current_blog(); // Undo the switch_to_blog() above.
1298        }
1299  
1300        /**
1301         * Redirect_to_splash
1302         *
1303         * @param string $plugin
1304         */
1305        public function redirect_to_splash($plugin =''){
1306 $this->settings = new Settings();
1307 1308 if(defined( 'WP_CLI' ) || $this->settings->get('sm.key_json') || isset($_POST['checked']) && count($_POST['checked']) > 1){