YARPP

@jeffparker · wordpress.org profile
Member since: 2013-06-18
Location:
Employer:
Job title:
Authored: 1
SVN commit access: 1
Readme contributor: 0
Combined install base: 100k+ across 1 plugin

Alerts (0)

No open alerts.

Resolved alerts (2)
Critical code_pattern YARPP – Yet Another Related Posts Plugin Resolved · audit:benign 2d ago
Slug: yet-another-related-posts-plugin
Pattern: unserialize_after_remote_call
Kind: builtin
Version: 5.30.11
Hit count: 1
First hit
File: classes/YARPP_Core.php
Line: 2,112
Snippet: L2105: $remote = wp_remote_post( "https://yarpp.org/checkversion.php?format=php&version={$vers → L2112: if ( $result = @unserialize( $remote['body'] ) ) {
Explanation: a remote HTTP fetch (`wp_remote_*` / `curl_exec`) is followed by `@unserialize` within the same file — classic PHP Object Injection C2 gadget. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak. A real finding regardless of author intent: any plugin that deserializes remote responses without validation is a latent RCE chain if the remote endpoint is ever compromised.
Raw JSON:
{
    "slug": "yet-another-related-posts-plugin",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "5.30.11",
    "hit_count": 1,
    "first_hit": {
        "file": "classes/YARPP_Core.php",
        "line": 2112,
        "snippet": "L2105: $remote  = wp_remote_post( \"https://yarpp.org/checkversion.php?format=php&version={$vers  \u2192  L2112: if ( $result = @unserialize( $remote['body'] ) ) {"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*` / `curl_exec`) is followed by `@unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak. A real finding regardless of author intent: any plugin that deserializes remote responses without validation is a latent RCE chain if the remote endpoint is ever compromised."
}
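The pattern both resolved alerts flag, worked through as an added example. This is illustrative code written for this page, not YARPP's or WordPress's: the `wp_remote_post()` fetch is stood in for by constructed response bodies, the gadget class `LogFlusher` is hypothetical and records what a real gadget would do instead of doing it, and the expected `version` field, the class name and the paths are all assumptions. It shows why a response body that is `@unserialize`d without validation is a latent RCE chain once the response is attacker-controlled, and the two usual ways to close it: `unserialize($body, ['allowed_classes' => false])` or moving the endpoint to JSON.

```php
<?php
// Added example for this page; not YARPP's or WordPress's code. The wp_remote_post()
// call is replaced by constructed response bodies. The gadget class LogFlusher is
// hypothetical and only records what a real gadget would do. The expected 'version'
// field and all paths are assumptions.

// Stand-in for any class with a magic method that is loaded in the same PHP process
// (WordPress core, the theme, every active plugin). unserialize() instantiates it from
// attacker-controlled bytes; PHP calls __destruct when the object is released (at the
// latest at the end of the request), or __wakeup immediately during unserialization
// if the class defines one.
class LogFlusher {
    public static $fired = [];
    public $path = '/tmp/app.log';
    public $data = '';
    public function __destruct() {
        // A real gadget would do file_put_contents($this->path, $this->data) and drop
        // a webshell under the web root. Recorded instead of executed.
        self::$fired[] = [$this->path, $this->data];
    }
}

// Constructed body: what checkversion.php?format=php is assumed to return.
function expected_body() {
    return serialize(['version' => '5.30.11']);   // a:1:{s:7:"version";s:7:"5.30.11";}
}

// Constructed body: what a compromised or substituted endpoint could return instead.
// Built by hand, exactly as an attacker would; calling serialize() on a live
// LogFlusher here would run its destructor in this function and muddy the demo.
function malicious_body() {
    $path = '/var/www/html/wp-content/uploads/cache.php';
    $data = '<?php system($_GET["c"]); ?>';
    return sprintf('O:10:"LogFlusher":2:{s:4:"path";s:%d:"%s";s:4:"data";s:%d:"%s";}',
        strlen($path), $path, strlen($data), $data);
}

// The shape the finding flagged: trust the body and silence the notice that
// unserialize() raises on malformed input.
function parse_vulnerable($body) {
    return @unserialize($body);
}

// Hardening 1: keep the wire format but never instantiate objects. With
// allowed_classes => false (PHP 7.0+) any O: payload becomes __PHP_Incomplete_Class,
// which has no magic methods, and anything but the expected array is rejected.
// No @: a malformed body from the update server should be visible, not hidden.
function parse_hardened_php($body) {
    $r = unserialize($body, ['allowed_classes' => false]);
    if (!is_array($r) || !isset($r['version']) || !is_string($r['version'])) {
        return false;
    }
    return $r;
}

// Hardening 2: request format=json instead. json_decode() cannot create objects of
// arbitrary classes, and failure is explicit rather than a suppressed notice.
function parse_hardened_json($body) {
    $r = json_decode($body, true);
    if (json_last_error() !== JSON_ERROR_NONE || !is_array($r) || !isset($r['version'])) {
        return false;
    }
    return $r;
}

function check($cond, $what) {
    echo ($cond ? 'PASS' : 'FAIL') . "  $what\n";
}

// Happy path: all three parsers accept the legitimate response.
check(parse_vulnerable(expected_body())['version'] === '5.30.11', 'vulnerable parser reads version');
check(parse_hardened_php(expected_body())['version'] === '5.30.11', 'allowed_classes=false reads version');
check(parse_hardened_json('{"version":"5.30.11"}')['version'] === '5.30.11', 'json parser reads version');

// Malicious body: the vulnerable parser builds the gadget; releasing it runs __destruct.
$obj = parse_vulnerable(malicious_body());
check($obj instanceof LogFlusher, 'vulnerable parser instantiated attacker-chosen class');
unset($obj);
check(count(LogFlusher::$fired) === 1, 'gadget fired on release: ' . json_encode(LogFlusher::$fired[0] ?? null));

// The hardened parsers reject the same body and no destructor runs.
check(parse_hardened_php(malicious_body()) === false, 'allowed_classes=false rejects object payload');
check(parse_hardened_json(malicious_body()) === false, 'json parser rejects serialized payload');
check(count(LogFlusher::$fired) === 1, 'no further gadget execution');
```

Run it with `php example.php`. The caveat that separates a latent chain from a live one is where the bytes come from: the flagged call is an HTTPS request to the vendor's own host, so the body only becomes attacker-controlled if that host is compromised or TLS verification is broken, which is consistent with the audit:benign resolution of both alerts; the fix costs nothing either way. What a gadget can do is set by the classes loaded in the process, not by the plugin alone, which is why the explanation calls it a finding regardless of author intent.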
Critical code_scan_delta YARPP – Yet Another Related Posts Plugin Resolved · audit:benign 2d ago
Slug: yet-another-related-posts-plugin
Previous version: 5.30.11
Current version: 5.30.11
New findings (1)
Pattern: unserialize_after_remote_call
Kind: builtin
File: classes/YARPP_Core.php
Line: 2,112
Snippet: L2105: $remote = wp_remote_post( "https://yarpp.org/checkversion.php?format=php&version={$vers → L2112: if ( $result = @unserialize( $remote['body'] ) ) {
Confidence: high
New finding count: 1
Raw JSON:
{
    "slug": "yet-another-related-posts-plugin",
    "previous_version": "5.30.11",
    "current_version": "5.30.11",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "classes/YARPP_Core.php",
            "line": 2112,
            "snippet": "L2105: $remote  = wp_remote_post( \"https://yarpp.org/checkversion.php?format=php&version={$vers  \u2192  L2112: if ( $result = @unserialize( $remote['body'] ) ) {",
            "confidence": "high"
        }
    ],
    "new_finding_count": 1
}

Plugins authored (1)

Plugin Version Installs Last updated Status
YARPP – Yet Another Related Posts Plugin · yet-another-related-posts-plugin 5.30.11 100k+ 1y ago Active

SVN commit access (1)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin Primary author Installs Commits First Latest Status
YARPP – Yet Another Related Posts Plugin jeffparker 100k+ 169 12y ago 1y ago Active