Kevin Stover

Member since: 2010-07-27
Location: Tennessee, USA
Employer: Saturday Drive Incorporated
Job title: Co-Founder
Authored: 9 (4 closed)
SVN commit access: 6 (2 closed)
Readme contributor: 5
Combined install base: 611k+ across 14 plugins

Alerts (0)

No open alerts.

Resolved alerts (4)

Critical | code_pattern | Ninja Forms – The Contact Form Builder That Grows With You | Resolved · no_longer_matches | 28d ago
Slug: ninja-forms
Pattern: unserialize_after_remote_call
Kind: builtin
Version: 3.14.2
Hit count: 5
First hit
File: includes/Admin/Menus/ImportExport.php
Line: 128
Snippet: L111: $import = file_get_contents( $_FILES[ 'nf_import_fields' ][ 'tmp_name' ] ); → L128: $return = unserialize($serializedValue,['allowed_classes'=>false]);
Explanation: a remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file — classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak.
Critical | code_scan_delta | Ninja Forms – The Contact Form Builder That Grows With You | Resolved · fp_edd_updater_library | 28d ago
Slug: ninja-forms
Previous version: 3.14.2
Current version: 3.14.2
New findings
Pattern | Kind | File | Line | Snippet | Confidence
unserialize_after_remote_call | builtin | includes/Admin/Menus/ImportExport.php | 128 | L111: $import = file_get_contents( $_FILES[ 'nf_import_fields' ][ 'tmp_name' ] ); → L128: $return = unserialize($serializedValue,['allowed_classes'=>false]); | high
unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 426 | L419: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $ve → L426: $request->sections = maybe_unserialize( $request->sections ); | high
unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 432 | L419: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $ve → L432: $request->banners = maybe_unserialize( $request->banners ); | high
unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 436 | L419: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $ve → L436: $request->icons = maybe_unserialize( $request->icons ); | high
unserialize_after_remote_call | builtin | includes/Integrations/EDD/EDD_SL_Plugin_Updater.php | 494 | L486: $request = wp_remote_post( $this->api_url, array( 'timeout' => 15, 'sslverify' => $v → L494: $version_info->sections = maybe_unserialize( $version_info->sections ); | high
New finding count: 5
High | code_scan_match | Ninja Forms – The Contact Form Builder That Grows With You | Resolved · code_scan_fp_class_vendor_cdn_enqueue | 17d ago
Slug: ninja-forms
Finding count: 3
Findings
Pattern | Kind | File | Line | Snippet | Confidence | Details
remote_enqueue | builtin | includes/Display/Render.php | 848 | wp_enqueue_script('nf-google-recaptcha', 'https://www.google.com/recaptcha/api.js?hl=' . $recaptcha_lang . '&onload=nfRenderRecaptcha&render=explicit', array( 'jquery', 'nf-front-end-deps' | medium | Url: https://www.google.com/recaptcha/api.js?hl=; Url host: www.google.com
remote_enqueue | builtin | includes/Display/Render.php | 856 | wp_enqueue_script('nf-hcaptcha', 'https://js.hcaptcha.com/1/api.js?render=explicit', array( 'jquery', 'nf-front-end-deps' ), null, TRUE ); | medium | Url: https://js.hcaptcha.com/1/api.js?render=explicit; Url host: js.hcaptcha.com
remote_enqueue | builtin | includes/Actions/Recaptcha.php | 306 | wp_enqueue_script('nf-google-recaptcha', 'https://www.google.com/recaptcha/api.js?hl=' . $recaptcha_lang . '&render=' . $this->site_key, array('jquery'), '3.0', true); | medium | Url: https://www.google.com/recaptcha/api.js?hl=; Url host: www.google.com
Resolved sha: 856dd54305420a550a8a0aee0f62a442431e1a80
High | committer_younger_than_plugin | Ninja Forms – The Contact Form Builder That Grows With You | Resolved · benign_company_employee | 25d ago
Slug: ninja-forms
Committer slug: ericwindhamsd
Committer display name: ericwindhamsd
Committer employer: (none)
Committer member since: 2017-12-12
Committer first commit: 2018-07-31 16:12:04
Committer commit count: 3
Plugin listed author: kstover
Earliest plugin commit: 2015-03-03 18:25:22
Plugin age at join days: 1,245
Committer age at join days: 231
Active installs: 600,000

Plugins authored (9)

Plugin | Version | Installs | Last updated | Status
Ninja Forms – The Contact Form Builder That Grows With You · ninja-forms | 3.14.3 | 600k+ | 23d ago | Active
SendWP · sendwp | 1.4.9 | 10k+ | 1y ago | Active
Ninja Announcements Lite · ninja-announcements | 2.3.2 | 30 | 13y ago | Active
Ninja Shop – The Quickest Way to Start Selling · ninja-shop | 1.1.11 | 20 | 6y ago | Active
Ninja Galleries · ninja-galleries | 1.0.24 | 10 | 6y ago | Active
Caldera Forms – More Than Contact Forms · caldera-forms | 1.9.7 | | | Closed
Ninja Forms – Add-on Manager · ninja-forms-addon-manager | 3.0.13 | | | Closed
Ninja Forms Legacy Contact Form · ninja-forms-legacy | 3.9.99 | | | Closed
NinjaForms Lite · ninjaforms | 1.2.4 | | | Closed

SVN commit access (6)

Plugins this account has pushed commits to, reconstructed from plugins.svn.wordpress.org. A new name showing up here on an established plugin is the strongest ownership-transfer signal.

Plugin | Primary author | Installs | Commits | First | Latest | Status
Ninja Announcements Lite | kstover | 30 | 37 | 15y ago | 13y ago | Active
Ninja Mail | jameslaws | 300 | 4 | 7y ago | 7y ago | Active
Ninja Forms – Add-on Manager | kstover | | 4 | 7y ago | 7y ago | Closed
Ninja Pages | wpninjasllc | | 4 | 15y ago | 15y ago | Closed
Ninja Forms – The Contact Form Builder That Grows With You | kstover | 600k+ | 3 | 11y ago | 4y ago | Active
Ninja Forms – Modal | jameslaws | 200 | 3 | 12y ago | 11y ago | Active

Contributor on other plugins (5)

Plugins where this account is listed in the readme contributors (distinct from SVN commit access).

Plugin | Primary author | Version | Installs
Ninja Mail | jameslaws | 1.0.6 | 300
Ninja Forms – Modal | jameslaws | 1.0.2 | 200
Scheduled Slides for Soliloquy | jameslaws | 1.0 | 60
Nike+ | jameslaws | 1.1 | 10
Ninja Pages | wpninjasllc | 1.4.2 |