WP Beacon

Complianz

@complianz · wordpress.org profile ↗
Member since
2019-05-31
Location
Italy
Employer
Complianz B.V.
Job title
Authored
2
SVN commit access
0
Readme contributor
0
Combined install base
1.3M+ across 2 plugins

Alerts (0)

No open alerts.

Show 4 resolved alerts
Critical code_pattern Complianz – GDPR/CCPA Cookie Consent Resolved · no_longer_matches 7d ago
Slugcomplianz-gdpr
Patternunserialize_after_remote_call
Kindbuiltin
Version7.4.6
Hit count3
First hit
File
upgrade/upgrade-to-pro.php
Line
285
Snippet
L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L285: $request->sections = maybe_unserialize( $request->sections );
Explanationa remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this.
View raw JSON
{
    "slug": "complianz-gdpr",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "7.4.6",
    "hit_count": 3,
    "first_hit": {
        "file": "upgrade/upgrade-to-pro.php",
        "line": 285,
        "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L285: $request->sections = maybe_unserialize( $request->sections );"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`) is followed by `unserialize`/`maybe_unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. Legit plugins essentially never do this."
}
Critical code_scan_delta Complianz – GDPR/CCPA Cookie Consent Resolved · fp_edd_updater_library 7d ago
Slugcomplianz-gdpr
Previous version7.4.6
Current version7.4.6
New findings
PatternKindFileLineSnippetConfidence
unserialize_after_remote_callbuiltinupgrade/upgrade-to-pro.php285L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L285: $request->sections = maybe_unserialize( $request->sections );high
unserialize_after_remote_callbuiltinupgrade/upgrade-to-pro.php291L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L291: $request->banners = maybe_unserialize( $request->banners );high
unserialize_after_remote_callbuiltinupgrade/upgrade-to-pro.php295L279: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr → L295: $request->icons = maybe_unserialize( $request->icons );high
New finding count3
View raw JSON
{
    "slug": "complianz-gdpr",
    "previous_version": "7.4.6",
    "current_version": "7.4.6",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "upgrade/upgrade-to-pro.php",
            "line": 285,
            "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L285: $request->sections = maybe_unserialize( $request->sections );",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "upgrade/upgrade-to-pro.php",
            "line": 291,
            "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L291: $request->banners = maybe_unserialize( $request->banners );",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "upgrade/upgrade-to-pro.php",
            "line": 295,
            "snippet": "L279: $request    = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => tr  \u2192  L295: $request->icons = maybe_unserialize( $request->icons );",
            "confidence": "high"
        }
    ],
    "new_finding_count": 3
}
Critical new_committer_young_account Complianz – GDPR/CCPA Cookie Consent Resolved · no_longer_matches 8d ago
Slugcomplianz-gdpr
Committergdom3
Display nameDomenico Gangemi
Member since2024-10-09
First commit at2024-10-09 08:44:56
Account age at first commit0
Commit count50
Active installs1,000,000
View raw JSON
{
    "slug": "complianz-gdpr",
    "committer": "gdom3",
    "display_name": "Domenico Gangemi",
    "member_since": "2024-10-09",
    "first_commit_at": "2024-10-09 08:44:56",
    "account_age_at_first_commit": 0,
    "commit_count": 50,
    "active_installs": 1000000
}
Critical new_committer_young_account Complianz – GDPR/CCPA Cookie Consent Resolved · deduped 10d ago
Slugcomplianz-gdpr
Committergdom3
Display nameDomenico Gangemi
Member since2024-10-09
First commit at2024-10-09 08:44:56
Account age at first commit0
Commit count50
Active installs1,000,000
View raw JSON
{
    "slug": "complianz-gdpr",
    "committer": "gdom3",
    "display_name": "Domenico Gangemi",
    "member_since": "2024-10-09",
    "first_commit_at": "2024-10-09 08:44:56",
    "account_age_at_first_commit": 0,
    "commit_count": 50,
    "active_installs": 1000000
}

Plugins authored (2)

Plugin Version Installs Last updated Status
Complianz – GDPR/CCPA Cookie Consent ·complianz-gdpr 7.4.6 1M+ 15d ago Active
Complianz – Terms and Conditions ·complianz-terms-conditions 1.3.0 300k+ 1mo ago Active