Kevin Stover

Member since: 2010-07-27
Location: Tennessee, USA
Employer: Saturday Drive Incorporated
Job title: Co-Founder
Authored: 9 (4 closed)
SVN commit access: 1
Readme contributor: 5
Combined install base: 611k+ across 14 plugins

Alerts (0)

No open alerts.

Resolved alerts (3)

Critical code_pattern Ninja Forms – The Contact Form Builder That Grows With You Resolved · no_longer_matches 7d ago
Slug: ninja-forms
Pattern: unserialize_after_remote_call
Kind: builtin
Version: 3.14.2
Hit count: 5
First hit:
File: includes/Admin/Menus/ImportExport.php
Line: 128
Snippet: L111: $import = file_get_contents( $_FILES[ 'nf_import_fields' ][ 'tmp_name' ] ); → L128: $return = unserialize($serializedValue,['allowed_classes'=>false]);
Explanation: a remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak.

Critical code_scan_delta Ninja Forms – The Contact Form Builder That Grows With You Resolved · fp_edd_updater_library 7d ago
Slug: ninja-forms
Previous version: 3.14.2
Current version: 3.14.2
New finding count: 5
New findings:

| Pattern | Kind | File | Line | Snippet | Confidence |
|---|---|---|---|---|---|
| unserialize_after_remote_call | builtin | includes/Admin/Menus/ImportExport.php | 128 | L111: $import = file_get_contents( $_FILES[ 'nf_import_fields' ][ 'tmp_name' ] ); → L128: $return = unserialize($serializedValue,['allowed_classes'=>false]); | high |
| unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 426 | L419: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $ve → L426: $request->sections = maybe_unserialize( $request->sections ); | high |
| unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 432 | L419: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $ve → L432: $request->banners = maybe_unserialize( $request->banners ); | high |
| unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 436 | L419: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $ve → L436: $request->icons = maybe_unserialize( $request->icons ); | high |
| unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 494 | L486: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $v → L494: $version_info->sections = maybe_unserialize( $version_info->sections ); | high |

High committer_younger_than_plugin Ninja Forms – The Contact Form Builder That Grows With You Resolved · benign_company_employee 5d ago
Slug: ninja-forms
Committer slug: ericwindhamsd
Committer display name: ericwindhamsd
Committer employer: (none listed)
Committer member since: 2017-12-12
Committer first commit: 2018-07-31 16:12:04
Committer commit count: 3
Plugin listed author: kstover
Earliest plugin commit: 2015-03-03 18:25:22
Plugin age at join (days): 1,245
Committer age at join (days): 231
Active installs: 600,000

Plugins authored (9)

| Plugin | Slug | Version | Installs | Last updated | Status |
|---|---|---|---|---|---|
| Ninja Forms – The Contact Form Builder That Grows With You | ninja-forms | 3.14.3 | 600k+ | 3d ago | Active |
| SendWP | sendwp | 1.4.9 | 10k+ | 1y ago | Active |
| Ninja Announcements Lite | ninja-announcements | 2.3.2 | 30 | 13y ago | Active |
| Ninja Shop – The Quickest Way to Start Selling | ninja-shop | 1.1.11 | 20 | 6y ago | Active |
| Ninja Galleries | ninja-galleries | 1.0.24 | 10 | 6y ago | Active |
| Caldera Forms – More Than Contact Forms | caldera-forms | 1.9.7 | | | Closed |
| Ninja Forms – Add-on Manager | ninja-forms-addon-manager | 3.0.13 | | | Closed |
| Ninja Forms Legacy Contact Form | ninja-forms-legacy | 3.9.99 | | | Closed |
| NinjaForms Lite | ninjaforms | 1.2.4 | | | Closed |

SVN commit access (1)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

| Plugin | Primary author | Installs | Commits | First | Latest | Status |
|---|---|---|---|---|---|---|
| Ninja Forms – The Contact Form Builder That Grows With You | kstover | 600k+ | 3 | 11y ago | 4y ago | Active |

Contributor on other plugins (5)

Plugins where this account is listed in the readme contributors (distinct from SVN commit access).

| Plugin | Primary author | Version | Installs |
|---|---|---|---|
| Ninja Mail | jameslaws | 1.0.6 | 300 |
| Ninja Forms – Modal | jameslaws | 1.0.2 | 200 |
| Scheduled Slides for Soliloquy | jameslaws | 1.0 | 60 |
| Nike+ | jameslaws | 1.1 | 10 |
| Ninja Pages | wpninjasllc | 1.4.2 | |