Changeset 2337484

Timestamp:

07/08/2020 03:05:56 PM (5 years ago)

Author:

wfmatt

Message:

7.4.9 - July 8, 2020

• Improvement: Added list of known malicious usernames to suspicious administrator scan.
• Improvement: Added ability for the WAF to determine if a given plugin/theme/core version is installed.
• Improvement: Added a feature to export a diagnostics report.
• Improvement: Add php_errorlog to the list of downloadable logs in diagnostics.
• Improvement: Added a prompt to allow user to download a backup prior to repairing files.
• Improvement: Prevent scan from failing when the home URL has changed and the key is no longer valid.
• Improvement: Deprecated PHP 5.3, and ended PHP 5.2 support by prevent auto-update from running on older versions.
• Fix: Fixed issue where WAF mysqli storage engine cannot find credentials if wflogs/ does not exist.
• Fix: Changed capability checked to read WP REST API users endpoint when "Prevent discovery of usernames through ..." is enabled.
• Fix: Prevented duplicate queries for wordfenceCentralConnected wfconfig value.
• Fix: Prevented custom wp-content or other directories from appearing in "skipped paths" scan result, even when scanned.
• Fix: Login Attempts dashboard widget "Show more" link is not visible when long usernames and IPs cause wrapping.
• Fix: Fix typo in the readme.

Location:

wordfence

Files:

• tags/7.4.9 (copied) (copied from wordfence/trunk)
• tags/7.4.9/css/activity-report-widget.1592338782.css (deleted)
• tags/7.4.9/css/activity-report-widget.1594219913.css (added)
• tags/7.4.9/css/diff.1592338782.css (deleted)
• tags/7.4.9/css/diff.1594219913.css (added)
• tags/7.4.9/css/dt_table.1592338782.css (deleted)
• tags/7.4.9/css/dt_table.1594219913.css (added)
• tags/7.4.9/css/fullLog.1592338782.css (deleted)
• tags/7.4.9/css/fullLog.1594219913.css (added)
• tags/7.4.9/css/iptraf.1592338782.css (deleted)
• tags/7.4.9/css/iptraf.1594219913.css (added)
• tags/7.4.9/css/jquery-ui-timepicker-addon.1592338782.css (deleted)
• tags/7.4.9/css/jquery-ui-timepicker-addon.1594219913.css (added)
• tags/7.4.9/css/jquery-ui.min.1592338782.css (deleted)
• tags/7.4.9/css/jquery-ui.min.1594219913.css (added)
• tags/7.4.9/css/jquery-ui.structure.min.1592338782.css (deleted)
• tags/7.4.9/css/jquery-ui.structure.min.1594219913.css (added)
• tags/7.4.9/css/jquery-ui.theme.min.1592338782.css (deleted)
• tags/7.4.9/css/jquery-ui.theme.min.1594219913.css (added)
• tags/7.4.9/css/main.1592338782.css (deleted)
• tags/7.4.9/css/main.1594219913.css (added)
• tags/7.4.9/css/phpinfo.1592338782.css (deleted)
• tags/7.4.9/css/phpinfo.1594219913.css (added)
• tags/7.4.9/css/wf-adminbar.1592338782.css (deleted)
• tags/7.4.9/css/wf-adminbar.1594219913.css (added)
• tags/7.4.9/css/wf-colorbox.1592338782.css (deleted)
• tags/7.4.9/css/wf-colorbox.1594219913.css (added)
• tags/7.4.9/css/wf-font-awesome.1592338782.css (deleted)
• tags/7.4.9/css/wf-font-awesome.1594219913.css (added)
• tags/7.4.9/css/wf-global.1592338782.css (deleted)
• tags/7.4.9/css/wf-global.1594219913.css (added)
• tags/7.4.9/css/wf-ionicons.1592338782.css (deleted)
• tags/7.4.9/css/wf-ionicons.1594219913.css (added)
• tags/7.4.9/css/wf-onboarding.1592338782.css (deleted)
• tags/7.4.9/css/wf-onboarding.1594219913.css (added)
• tags/7.4.9/css/wf-roboto-font.1592338782.css (deleted)
• tags/7.4.9/css/wf-roboto-font.1594219913.css (added)
• tags/7.4.9/css/wfselect2.min.1592338782.css (deleted)
• tags/7.4.9/css/wfselect2.min.1594219913.css (added)
• tags/7.4.9/css/wordfenceBox.1592338782.css (deleted)
• tags/7.4.9/css/wordfenceBox.1594219913.css (added)
• tags/7.4.9/js/Chart.bundle.min.1592338782.js (deleted)
• tags/7.4.9/js/Chart.bundle.min.1594219913.js (added)
• tags/7.4.9/js/admin.1592338782.js (deleted)
• tags/7.4.9/js/admin.1594219913.js (added)
• tags/7.4.9/js/admin.ajaxWatcher.1592338782.js (deleted)
• tags/7.4.9/js/admin.ajaxWatcher.1594219913.js (added)
• tags/7.4.9/js/admin.liveTraffic.1592338782.js (deleted)
• tags/7.4.9/js/admin.liveTraffic.1594219913.js (added)
• tags/7.4.9/js/date.1592338782.js (deleted)
• tags/7.4.9/js/date.1594219913.js (added)
• tags/7.4.9/js/jquery-ui-timepicker-addon.1592338782.js (deleted)
• tags/7.4.9/js/jquery-ui-timepicker-addon.1594219913.js (added)
• tags/7.4.9/js/jquery.colorbox-min.1592338782.js (deleted)
• tags/7.4.9/js/jquery.colorbox-min.1594219913.js (added)
• tags/7.4.9/js/jquery.colorbox.1592338782.js (deleted)
• tags/7.4.9/js/jquery.colorbox.1594219913.js (added)
• tags/7.4.9/js/jquery.dataTables.min.1592338782.js (deleted)
• tags/7.4.9/js/jquery.dataTables.min.1594219913.js (added)
• tags/7.4.9/js/jquery.qrcode.min.1592338782.js (deleted)
• tags/7.4.9/js/jquery.qrcode.min.1594219913.js (added)
• tags/7.4.9/js/jquery.tmpl.min.1592338782.js (deleted)
• tags/7.4.9/js/jquery.tmpl.min.1594219913.js (added)
• tags/7.4.9/js/jquery.tools.min.1592338782.js (deleted)
• tags/7.4.9/js/jquery.tools.min.1594219913.js (added)
• tags/7.4.9/js/knockout-3.3.0.1592338782.js (deleted)
• tags/7.4.9/js/knockout-3.3.0.1594219913.js (added)
• tags/7.4.9/js/wfdashboard.1592338782.js (deleted)
• tags/7.4.9/js/wfdashboard.1594219913.js (added)
• tags/7.4.9/js/wfdropdown.1592338782.js (deleted)
• tags/7.4.9/js/wfdropdown.1594219913.js (added)
• tags/7.4.9/js/wfglobal.1592338782.js (deleted)
• tags/7.4.9/js/wfglobal.1594219913.js (added)
• tags/7.4.9/js/wfpopover.1592338782.js (deleted)
• tags/7.4.9/js/wfpopover.1594219913.js (added)
• tags/7.4.9/js/wfselect2.min.1592338782.js (deleted)
• tags/7.4.9/js/wfselect2.min.1594219913.js (added)
• tags/7.4.9/lib/menu_options.php (modified) (1 diff)
• tags/7.4.9/lib/menu_scanner.php (modified) (1 diff)
• tags/7.4.9/lib/menu_tools_diagnostic.php (modified) (1 diff)
• tags/7.4.9/lib/wfCentralAPI.php (modified) (2 diffs)
• tags/7.4.9/lib/wfConfig.php (modified) (2 diffs)
• tags/7.4.9/lib/wfDashboard.php (modified) (1 diff)
• tags/7.4.9/lib/wfHelperString.php (modified) (1 diff)
• tags/7.4.9/lib/wfLog.php (modified) (4 diffs)
• tags/7.4.9/lib/wfScan.php (modified) (1 diff)
• tags/7.4.9/lib/wfScanEngine.php (modified) (2 diffs)
• tags/7.4.9/lib/wfSupportController.php (modified) (2 diffs)
• tags/7.4.9/lib/wfUpdateCheck.php (modified) (1 diff)
• tags/7.4.9/lib/wfVersionCheckController.php (modified) (5 diffs)
• tags/7.4.9/lib/wordfenceClass.php (modified) (11 diffs)
• tags/7.4.9/modules/login-security/css/admin-global.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/admin-global.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/admin.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/admin.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/colorbox.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/colorbox.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/font-awesome.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/font-awesome.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/ionicons.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/ionicons.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/jquery-ui-timepicker-addon.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/jquery-ui-timepicker-addon.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/jquery-ui.min.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/jquery-ui.min.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/jquery-ui.structure.min.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/jquery-ui.structure.min.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/jquery-ui.theme.min.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/jquery-ui.theme.min.1594219913.css (added)
• tags/7.4.9/modules/login-security/css/login.1592338782.css (deleted)
• tags/7.4.9/modules/login-security/css/login.1594219913.css (added)
• tags/7.4.9/modules/login-security/js/admin-global.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/admin-global.1594219913.js (added)
• tags/7.4.9/modules/login-security/js/admin.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/admin.1594219913.js (added)
• tags/7.4.9/modules/login-security/js/jquery-ui-timepicker-addon.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/jquery-ui-timepicker-addon.1594219913.js (added)
• tags/7.4.9/modules/login-security/js/jquery.colorbox.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/jquery.colorbox.1594219913.js (added)
• tags/7.4.9/modules/login-security/js/jquery.colorbox.min.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/jquery.colorbox.min.1594219913.js (added)
• tags/7.4.9/modules/login-security/js/jquery.qrcode.min.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/jquery.qrcode.min.1594219913.js (added)
• tags/7.4.9/modules/login-security/js/jquery.tmpl.min.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/jquery.tmpl.min.1594219913.js (added)
• tags/7.4.9/modules/login-security/js/login.1592338782.js (deleted)
• tags/7.4.9/modules/login-security/js/login.1594219913.js (added)
• tags/7.4.9/modules/login-security/wordfence-login-security.php (modified) (1 diff)
• tags/7.4.9/readme.txt (modified) (3 diffs)
• tags/7.4.9/vendor/wordfence/wf-waf/src/init.php (modified) (1 diff)
• tags/7.4.9/vendor/wordfence/wf-waf/src/lib/rules.php (modified) (2 diffs)
• tags/7.4.9/views/diagnostics (added)
• tags/7.4.9/views/diagnostics/text.php (added)
• tags/7.4.9/views/scanner/issue-control-repair.php (modified) (1 diff)
• tags/7.4.9/views/scanner/options-group-general.php (modified) (1 diff)
• tags/7.4.9/views/waf/waf-install.php (modified) (1 diff)
• tags/7.4.9/views/waf/waf-uninstall.php (modified) (1 diff)
• tags/7.4.9/waf/bootstrap.php (modified) (3 diffs)
• tags/7.4.9/wordfence.php (modified) (3 diffs)
• trunk/css/activity-report-widget.1592338782.css (deleted)
• trunk/css/activity-report-widget.1594219913.css (added)
• trunk/css/diff.1592338782.css (deleted)
• trunk/css/diff.1594219913.css (added)
• trunk/css/dt_table.1592338782.css (deleted)
• trunk/css/dt_table.1594219913.css (added)
• trunk/css/fullLog.1592338782.css (deleted)
• trunk/css/fullLog.1594219913.css (added)
• trunk/css/iptraf.1592338782.css (deleted)
• trunk/css/iptraf.1594219913.css (added)
• trunk/css/jquery-ui-timepicker-addon.1592338782.css (deleted)
• trunk/css/jquery-ui-timepicker-addon.1594219913.css (added)
• trunk/css/jquery-ui.min.1592338782.css (deleted)
• trunk/css/jquery-ui.min.1594219913.css (added)
• trunk/css/jquery-ui.structure.min.1592338782.css (deleted)
• trunk/css/jquery-ui.structure.min.1594219913.css (added)
• trunk/css/jquery-ui.theme.min.1592338782.css (deleted)
• trunk/css/jquery-ui.theme.min.1594219913.css (added)
• trunk/css/main.1592338782.css (deleted)
• trunk/css/main.1594219913.css (added)
• trunk/css/phpinfo.1592338782.css (deleted)
• trunk/css/phpinfo.1594219913.css (added)
• trunk/css/wf-adminbar.1592338782.css (deleted)
• trunk/css/wf-adminbar.1594219913.css (added)
• trunk/css/wf-colorbox.1592338782.css (deleted)
• trunk/css/wf-colorbox.1594219913.css (added)
• trunk/css/wf-font-awesome.1592338782.css (deleted)
• trunk/css/wf-font-awesome.1594219913.css (added)
• trunk/css/wf-global.1592338782.css (deleted)
• trunk/css/wf-global.1594219913.css (added)
• trunk/css/wf-ionicons.1592338782.css (deleted)
• trunk/css/wf-ionicons.1594219913.css (added)
• trunk/css/wf-onboarding.1592338782.css (deleted)
• trunk/css/wf-onboarding.1594219913.css (added)
• trunk/css/wf-roboto-font.1592338782.css (deleted)
• trunk/css/wf-roboto-font.1594219913.css (added)
• trunk/css/wfselect2.min.1592338782.css (deleted)
• trunk/css/wfselect2.min.1594219913.css (added)
• trunk/css/wordfenceBox.1592338782.css (deleted)
• trunk/css/wordfenceBox.1594219913.css (added)
• trunk/js/Chart.bundle.min.1592338782.js (deleted)
• trunk/js/Chart.bundle.min.1594219913.js (added)
• trunk/js/admin.1592338782.js (deleted)
• trunk/js/admin.1594219913.js (added)
• trunk/js/admin.ajaxWatcher.1592338782.js (deleted)
• trunk/js/admin.ajaxWatcher.1594219913.js (added)
• trunk/js/admin.liveTraffic.1592338782.js (deleted)
• trunk/js/admin.liveTraffic.1594219913.js (added)
• trunk/js/date.1592338782.js (deleted)
• trunk/js/date.1594219913.js (added)
• trunk/js/jquery-ui-timepicker-addon.1592338782.js (deleted)
• trunk/js/jquery-ui-timepicker-addon.1594219913.js (added)
• trunk/js/jquery.colorbox-min.1592338782.js (deleted)
• trunk/js/jquery.colorbox-min.1594219913.js (added)
• trunk/js/jquery.colorbox.1592338782.js (deleted)
• trunk/js/jquery.colorbox.1594219913.js (added)
• trunk/js/jquery.dataTables.min.1592338782.js (deleted)
• trunk/js/jquery.dataTables.min.1594219913.js (added)
• trunk/js/jquery.qrcode.min.1592338782.js (deleted)
• trunk/js/jquery.qrcode.min.1594219913.js (added)
• trunk/js/jquery.tmpl.min.1592338782.js (deleted)
• trunk/js/jquery.tmpl.min.1594219913.js (added)
• trunk/js/jquery.tools.min.1592338782.js (deleted)
• trunk/js/jquery.tools.min.1594219913.js (added)
• trunk/js/knockout-3.3.0.1592338782.js (deleted)
• trunk/js/knockout-3.3.0.1594219913.js (added)
• trunk/js/wfdashboard.1592338782.js (deleted)
• trunk/js/wfdashboard.1594219913.js (added)
• trunk/js/wfdropdown.1592338782.js (deleted)
• trunk/js/wfdropdown.1594219913.js (added)
• trunk/js/wfglobal.1592338782.js (deleted)
• trunk/js/wfglobal.1594219913.js (added)
• trunk/js/wfpopover.1592338782.js (deleted)
• trunk/js/wfpopover.1594219913.js (added)
• trunk/js/wfselect2.min.1592338782.js (deleted)
• trunk/js/wfselect2.min.1594219913.js (added)
• trunk/lib/menu_options.php (modified) (1 diff)
• trunk/lib/menu_scanner.php (modified) (1 diff)
• trunk/lib/menu_tools_diagnostic.php (modified) (1 diff)
• trunk/lib/wfCentralAPI.php (modified) (2 diffs)
• trunk/lib/wfConfig.php (modified) (2 diffs)
• trunk/lib/wfDashboard.php (modified) (1 diff)
• trunk/lib/wfHelperString.php (modified) (1 diff)
• trunk/lib/wfLog.php (modified) (4 diffs)
• trunk/lib/wfScan.php (modified) (1 diff)
• trunk/lib/wfScanEngine.php (modified) (2 diffs)
• trunk/lib/wfSupportController.php (modified) (2 diffs)
• trunk/lib/wfUpdateCheck.php (modified) (1 diff)
• trunk/lib/wfVersionCheckController.php (modified) (5 diffs)
• trunk/lib/wordfenceClass.php (modified) (11 diffs)
• trunk/modules/login-security/css/admin-global.1592338782.css (deleted)
• trunk/modules/login-security/css/admin-global.1594219913.css (added)
• trunk/modules/login-security/css/admin.1592338782.css (deleted)
• trunk/modules/login-security/css/admin.1594219913.css (added)
• trunk/modules/login-security/css/colorbox.1592338782.css (deleted)
• trunk/modules/login-security/css/colorbox.1594219913.css (added)
• trunk/modules/login-security/css/font-awesome.1592338782.css (deleted)
• trunk/modules/login-security/css/font-awesome.1594219913.css (added)
• trunk/modules/login-security/css/ionicons.1592338782.css (deleted)
• trunk/modules/login-security/css/ionicons.1594219913.css (added)
• trunk/modules/login-security/css/jquery-ui-timepicker-addon.1592338782.css (deleted)
• trunk/modules/login-security/css/jquery-ui-timepicker-addon.1594219913.css (added)
• trunk/modules/login-security/css/jquery-ui.min.1592338782.css (deleted)
• trunk/modules/login-security/css/jquery-ui.min.1594219913.css (added)
• trunk/modules/login-security/css/jquery-ui.structure.min.1592338782.css (deleted)
• trunk/modules/login-security/css/jquery-ui.structure.min.1594219913.css (added)
• trunk/modules/login-security/css/jquery-ui.theme.min.1592338782.css (deleted)
• trunk/modules/login-security/css/jquery-ui.theme.min.1594219913.css (added)
• trunk/modules/login-security/css/login.1592338782.css (deleted)
• trunk/modules/login-security/css/login.1594219913.css (added)
• trunk/modules/login-security/js/admin-global.1592338782.js (deleted)
• trunk/modules/login-security/js/admin-global.1594219913.js (added)
• trunk/modules/login-security/js/admin.1592338782.js (deleted)
• trunk/modules/login-security/js/admin.1594219913.js (added)
• trunk/modules/login-security/js/jquery-ui-timepicker-addon.1592338782.js (deleted)
• trunk/modules/login-security/js/jquery-ui-timepicker-addon.1594219913.js (added)
• trunk/modules/login-security/js/jquery.colorbox.1592338782.js (deleted)
• trunk/modules/login-security/js/jquery.colorbox.1594219913.js (added)
• trunk/modules/login-security/js/jquery.colorbox.min.1592338782.js (deleted)
• trunk/modules/login-security/js/jquery.colorbox.min.1594219913.js (added)
• trunk/modules/login-security/js/jquery.qrcode.min.1592338782.js (deleted)
• trunk/modules/login-security/js/jquery.qrcode.min.1594219913.js (added)
• trunk/modules/login-security/js/jquery.tmpl.min.1592338782.js (deleted)
• trunk/modules/login-security/js/jquery.tmpl.min.1594219913.js (added)
• trunk/modules/login-security/js/login.1592338782.js (deleted)
• trunk/modules/login-security/js/login.1594219913.js (added)
• trunk/modules/login-security/wordfence-login-security.php (modified) (1 diff)
• trunk/readme.txt (modified) (2 diffs)
• trunk/vendor/wordfence/wf-waf/src/init.php (modified) (1 diff)
• trunk/vendor/wordfence/wf-waf/src/lib/rules.php (modified) (2 diffs)
• trunk/views/diagnostics (added)
• trunk/views/diagnostics/text.php (added)
• trunk/views/scanner/issue-control-repair.php (modified) (1 diff)
• trunk/views/scanner/options-group-general.php (modified) (1 diff)
• trunk/views/waf/waf-install.php (modified) (1 diff)
• trunk/views/waf/waf-uninstall.php (modified) (1 diff)
• trunk/waf/bootstrap.php (modified) (3 diffs)
• trunk/wordfence.php (modified) (3 diffs)

wordfence/tags/7.4.9/lib/menu_options.php

@@ -163 +163 @@
                 'wf-option-scansEnabled-suspiciousOptions' => __('Scan WordPress core, plugin, and theme options for known dangerous URLs and suspicious content', 'wordfence'),
                 'wf-option-scansEnabled-oldVersions' => __('Scan for out of date, abandoned, and vulnerable plugins, themes, and WordPress versions', 'wordfence'),
-                'wf-option-scansEnabled-suspiciousAdminUsers' => __('Scan for admin users created outside of WordPress', 'wordfence'),
+                'wf-option-scansEnabled-suspiciousAdminUsers' => __('Scan for suspicious admin users created outside of WordPress', 'wordfence'),
                 'wf-option-scansEnabled-passwds' => __('Check the strength of passwords', 'wordfence'),
                 'wf-option-scansEnabled-diskSpace' => __('Monitor disk space', 'wordfence'),

wordfence/tags/7.4.9/lib/menu_scanner.php

@@ -21 +21 @@
 }
 ?>
+<div id="wordfenceMode_scan"></div>
 <div class="wrap wordfence">
     <div class="wf-container-fluid">

wordfence/tags/7.4.9/lib/menu_tools_diagnostic.php

@@ -40 +40 @@
                     <div id="sendByEmailDiv" class="wf-add-bottom">
                         <span class="wf-nowrap">
-                            <input class="wf-btn wf-btn-primary" type="submit" id="sendByEmail" value="Send Report by Email"/>
-                            <input class="wf-btn wf-btn-default" type="button" id="expandAllDiagnostics" value="Expand All Diagnostics"/>
+                            <input class="wf-btn wf-btn-primary wf-btn-sm" type="submit" id="exportDiagnostics" value="Export"/>
+                            <input class="wf-btn wf-btn-primary wf-btn-sm" type="submit" id="sendByEmail" value="Send Report by Email"/>
+                            <input class="wf-btn wf-btn-default wf-btn-sm" type="button" id="expandAllDiagnostics" value="Expand All Diagnostics"/>
                         </span>
                     </div>

wordfence/tags/7.4.9/lib/wfCentralAPI.php

@@ -320 +320 @@
      */
     public static function isConnected() {
-        return self::isSupported() && ((bool) wfConfig::get('wordfenceCentralConnected', false));
+        return self::isSupported() && ((bool) self::_isConnected());
     }
 
@@ -327 +327 @@
      */
     public static function isPartialConnection() {
-        return !wfConfig::get('wordfenceCentralConnected') && wfConfig::get('wordfenceCentralSiteID');
+        return !self::_isConnected() && wfConfig::get('wordfenceCentralSiteID');
+    }
+
+    public static function _isConnected($forceUpdate = false) {
+        static $isConnected;
+        if (!isset($isConnected) || $forceUpdate) {
+            $isConnected = wfConfig::get('wordfenceCentralConnected', false);
+        }
+        return $isConnected;
     }
 

wordfence/tags/7.4.9/lib/wfConfig.php

@@ -225 +225 @@
         ),
     );
-    public static $serializedOptions = array('lastAdminLogin', 'scanSched', 'emailedIssuesList', 'wf_summaryItems', 'adminUserList', 'twoFactorUsers', 'alertFreqTrack', 'wfStatusStartMsgs', 'vulnerabilities_plugin', 'vulnerabilities_theme', 'dashboardData', 'malwarePrefixes', 'coreHashes', 'noc1ScanSchedule', 'allScansScheduled', 'disclosureStates', 'scanStageStatuses', 'adminNoticeQueue');
+    public static $serializedOptions = array('lastAdminLogin', 'scanSched', 'emailedIssuesList', 'wf_summaryItems', 'adminUserList', 'twoFactorUsers', 'alertFreqTrack', 'wfStatusStartMsgs', 'vulnerabilities_plugin', 'vulnerabilities_theme', 'dashboardData', 'malwarePrefixes', 'coreHashes', 'noc1ScanSchedule', 'allScansScheduled', 'disclosureStates', 'scanStageStatuses', 'adminNoticeQueue', 'suspiciousAdminUsernames', 'wordpressPluginVersions', 'wordpressThemeVersions');
     // Configuration keypairs that can be set from Central.
     private static $wfCentralInternalConfig = array(
@@ -932 +932 @@
     }
     public static function autoUpdate(){
+        // Prevent auto-update for PHP 5.2. Consider tying this into `wfVersionCheckController::PHP_DEPRECATING`.
+        if (version_compare(PHP_VERSION, '5.3', '<')) {
+            return;
+        }
+
         if (!wfConfig::get('other_bypassLitespeedNoabort', false) && getenv('noabort') != '1' && stristr($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false) {
             $lastEmail = self::get('lastLiteSpdEmail', false);

wordfence/tags/7.4.9/lib/wfDashboard.php

@@ -225 +225 @@
 
         // Wordfence Central
-        $this->wordfenceCentralConnected = wfConfig::get('wordfenceCentralConnected');
+        $this->wordfenceCentralConnected = wfCentral::_isConnected(); // This value is cached.
         $this->wordfenceCentralConnectTime = wfConfig::get('wordfenceCentralConnectTime');
         $this->wordfenceCentralConnectEmail = wfConfig::get('wordfenceCentralConnectEmail');

wordfence/tags/7.4.9/lib/wfHelperString.php

@@ -20 +20 @@
         return $return_val;
     }
+
+    public static function plainTextTable($table) {
+        if (count($table) === 0) {
+            return '';
+        }
+        $colLengths = array();
+        for ($row = 0; $row < count($table); $row++) {
+            for ($col = 0; $col < count($table[$row]); $col++) {
+                foreach (explode("\n", $table[$row][$col]) as $colText) {
+                    if (!isset($colLengths[$col])) {
+                        $colLengths[$col] = strlen($colText);
+                        continue;
+                    }
+                    $len = strlen($colText);
+                    if ($len > $colLengths[$col]) {
+                        $colLengths[$col] = $len;
+                    }
+                }
+            }
+        }
+        $hr = str_repeat('-', array_sum($colLengths) + (count($colLengths) * 3) + 1);
+        $output = $hr . "\n";
+        for ($row = 0; $row < count($table); $row++) {
+            $colHeight = 0;
+            for ($col = 0; $col < count($table[$row]); $col++) {
+                $height = substr_count($table[$row][$col], "\n");
+                if ($height > $colHeight) {
+                    $colHeight = $height;
+                }
+            }
+            for ($colRow = 0; $colRow <= $colHeight; $colRow++) {
+                for ($col = 0; $col < count($table[$row]); $col++) {
+                    $colRows = explode("\n", $table[$row][$col]);
+                    $output .= '| ' . str_pad(isset($colRows[$colRow]) ? $colRows[$colRow] : '', $colLengths[$col], ' ', STR_PAD_RIGHT) . ' ';
+                }
+                $output .= "|\n";
+            }
+            if ($row === 0) {
+                $output .= $hr . "\n";
+            }
+        }
+        return trim($output . (count($table) > 1 ? $hr : ''));
+    }
 }

wordfence/tags/7.4.9/lib/wfLog.php

@@ -1057 +1057 @@
 class wfAdminUserMonitor {
 
+    protected $currentAdminList = array();
+
     public function isEnabled() {
         $options = wfScanner::shared()->scanOptions();
@@ -1074 +1076 @@
     public function createInitialList() {
         $admins = $this->getCurrentAdmins();
-        wfConfig::set_ser('adminUserList', $admins);
+        $adminUserList = array();
+        foreach ($admins as $id => $user) {
+            $adminUserList[$id] = 1;
+        }
+        wfConfig::set_ser('adminUserList', $adminUserList);
     }
 
@@ -1136 +1142 @@
 
     /**
+     * @param bool $forceReload
      * @return array
      */
-    public function getCurrentAdmins() {
-        require_once(ABSPATH . WPINC . '/user.php');
-        if (is_multisite()) {
-            if (function_exists("get_sites")) {
-                $sites = get_sites(array(
-                    'network_id' => null,
+    public function getCurrentAdmins($forceReload = false) {
+        if (empty($this->currentAdminList) || $forceReload) {
+            require_once(ABSPATH . WPINC . '/user.php');
+            if (is_multisite()) {
+                if (function_exists("get_sites")) {
+                    $sites = get_sites(array(
+                        'network_id' => null,
+                    ));
+                }
+                else {
+                    $sites = wp_get_sites(array(
+                        'network_id' => null,
+                    ));
+                }
+            } else {
+                $sites = array(array(
+                    'blog_id' => get_current_blog_id(),
                 ));
             }
-            else {
-                $sites = wp_get_sites(array(
-                    'network_id' => null,
+
+            // not very efficient, but the WordPress API doesn't provide a good way to do this.
+            $this->currentAdminList = array();
+            foreach ($sites as $siteRow) {
+                $siteRowArray = (array) $siteRow;
+                $user_query = new WP_User_Query(array(
+                    'blog_id' => $siteRowArray['blog_id'],
+                    'role'    => 'administrator',
                 ));
-            }
-        } else {
-            $sites = array(array(
-                'blog_id' => get_current_blog_id(),
-            ));
-        }
-
-        // not very efficient, but the WordPress API doesn't provide a good way to do this.
-        $admins = array();
-        foreach ($sites as $siteRow) {
-            $siteRowArray = (array) $siteRow;
-            $user_query = new WP_User_Query(array(
-                'blog_id' => $siteRowArray['blog_id'],
-                'role'    => 'administrator',
-            ));
-            $users = $user_query->get_results();
-            if (is_array($users)) {
-                /** @var WP_User $user */
-                foreach ($users as $user) {
-                    $admins[$user->ID] = 1;
-                }
-            }
-        }
-
-        // Add any super admins that aren't also admins on a network
-        $superAdmins = get_super_admins();
-        foreach ($superAdmins as $userLogin) {
-            $user = get_user_by('login', $userLogin);
-            if ($user) {
-                $admins[$user->ID] = 1;
-            }
-        }
-        return $admins;
+                $users = $user_query->get_results();
+                if (is_array($users)) {
+                    /** @var WP_User $user */
+                    foreach ($users as $user) {
+                        $this->currentAdminList[$user->ID] = $user;
+                    }
+                }
+            }
+
+            // Add any super admins that aren't also admins on a network
+            $superAdmins = get_super_admins();
+            foreach ($superAdmins as $userLogin) {
+                $user = get_user_by('login', $userLogin);
+                if ($user) {
+                    $this->currentAdminList[$user->ID] = $user;
+                }
+            }
+        }
+
+        return $this->currentAdminList;
     }
 
@@ -1995 +2005 @@
         if (is_file($path)) {
             $file = basename($path);
-            if (preg_match('#(?:error_log(\-\d+)?$|\.log$)#i', $file)) {
+            if (preg_match('#(?:^php_errorlog$|error_log(\-\d+)?$|\.log$)#i', $file)) {
                 return array($path => is_readable($path));
             }

wordfence/tags/7.4.9/lib/wfScan.php

@@ -257 +257 @@
             self::status(2, 'info', "Wordfence used " . wfUtils::formatBytes($peakMemory - self::$peakMemAtStart) . " of memory for scan. Server peak memory usage was: " . wfUtils::formatBytes($peakMemory));
             self::status(2, 'error', "Scan terminated with error: " . $e->getMessage());
+
+            if (preg_match('/The Wordfence API key you\'re using is already being used by: (\S*?) /', $e->getMessage(), $matches)) {
+                wordfence::alert(__('Wordfence scan failed because of license site URL conflict', 'wordfence'), sprintf(__(<<<MSG
+The Wordfence scan has failed because the Wordfence API key you're using is already being used by: %s
+
+If you have changed your blog URL, please sign-in to Wordfence, purchase a new key or reset an existing key, and then enter that key on this site's Wordfence Options page.
+MSG
+                    , 'wordfence'), $matches[1]), false);
+            }
+
             exit();
         }

wordfence/tags/7.4.9/lib/wfScanEngine.php

@@ -815 +815 @@
                 $fullFile = rtrim(ABSPATH, '/') . '/' . $file;
                 if (!wfUtils::fileTooBig($fullFile)) { //Silently ignore files that are too large for the purposes of inclusion in the scan issue
-                    if (in_array($file, $base_abspath_relative) || (@is_file($fullFile) && @is_readable($fullFile))) {
+                    if (in_array($file, $base_abspath_relative) || in_array($fullFile, $base_absolute) || (@is_file($fullFile) && @is_readable($fullFile))) {
                         $scanned[] = realpath($fullFile);
                     }
@@ -1802 +1802 @@
 
         $adminUsers = new wfAdminUserMonitor();
-        if ($adminUsers->isEnabled() && $suspiciousAdmins = $adminUsers->checkNewAdmins()) {
-            foreach ($suspiciousAdmins as $userID) {
-                $this->scanController->incrementSummaryItem(wfScanner::SUMMARY_SCANNED_USERS);
-                $user = new WP_User($userID);
+        if ($adminUsers->isEnabled()) {
+            try {
+                $response = $this->api->call('suspicious_admin_usernames');
+                if (is_array($response) && isset($response['ok']) && wfUtils::truthyToBoolean($response['ok']) && !empty($response['patterns'])) {
+                    wfConfig::set_ser('suspiciousAdminUsernames', $response['patterns']);
+                }
+            } catch (Exception $e) {
+                // Let the rest of the scan continue
+            }
+
+            $suspiciousAdmins = $adminUsers->checkNewAdmins();
+            if (is_array($suspiciousAdmins)) {
+                foreach ($suspiciousAdmins as $userID) {
+                    $this->scanController->incrementSummaryItem(wfScanner::SUMMARY_SCANNED_USERS);
+                    $user = new WP_User($userID);
+                    $key = 'suspiciousAdminUsers' . $userID;
+                    $added = $this->addIssue('suspiciousAdminUsers', wfIssues::SEVERITY_HIGH, $key, $key,
+                        sprintf(__("An admin user with the username %s was created outside of WordPress.", 'wordfence'), esc_html($user->user_login)),
+                        sprintf(__("An admin user with the username %s was created outside of WordPress. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it.", 'wordfence'), esc_html($user->user_login)),
+                        array(
+                            'userID' => $userID,
+                        ));
+                    if ($added == wfIssues::ISSUE_ADDED || $added == wfIssues::ISSUE_UPDATED) { $haveIssues = wfIssues::STATUS_PROBLEM; }
+                    else if ($haveIssues != wfIssues::STATUS_PROBLEM && ($added == wfIssues::ISSUE_IGNOREP || $added == wfIssues::ISSUE_IGNOREC)) { $haveIssues = wfIssues::STATUS_IGNORED; }
+                }
+            }
+
+            $admins = $adminUsers->getCurrentAdmins();
+            /**
+             * @var WP_User $adminUser
+             */
+            foreach ($admins as $userID => $adminUser) {
+                $added = false;
                 $key = 'suspiciousAdminUsers' . $userID;
-                $added = $this->addIssue('suspiciousAdminUsers', wfIssues::SEVERITY_HIGH, $key, $key,
-                    "An admin user with the username " . esc_html($user->user_login) . " was created outside of WordPress.",
-                    "An admin user with the username " . esc_html($user->user_login) . " was created outside of WordPress. It's
-                possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove
-                it.",
-                    array(
-                        'userID' => $userID,
-                    ));
+
+                // Check against user name list here.
+                $suspiciousAdminUsernames = wfConfig::get_ser('suspiciousAdminUsernames');
+                if (is_array($suspiciousAdminUsernames)) {
+                    foreach ($suspiciousAdminUsernames as $usernamePattern) {
+                        if (preg_match($usernamePattern, $adminUser->user_login)) {
+                            $added = $this->addIssue('suspiciousAdminUsers', wfIssues::SEVERITY_HIGH, $key, $key,
+                                sprintf(__("An admin user with a suspicious username %s was found.", 'wordfence'), esc_html($adminUser->user_login)),
+                                sprintf(__("An admin user with a suspicious username %s was found. Administrators accounts with usernames similar to this are commonly seen created by hackers. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it.", 'wordfence'), esc_html($adminUser->user_login)),
+                                array(
+                                    'userID' => $userID,
+                                ));
+                        }
+                    }
+                }
+
                 if ($added == wfIssues::ISSUE_ADDED || $added == wfIssues::ISSUE_UPDATED) { $haveIssues = wfIssues::STATUS_PROBLEM; }
                 else if ($haveIssues != wfIssues::STATUS_PROBLEM && ($added == wfIssues::ISSUE_IGNOREP || $added == wfIssues::ISSUE_IGNOREC)) { $haveIssues = wfIssues::STATUS_IGNORED; }

wordfence/tags/7.4.9/lib/wfSupportController.php

@@ -148 +148 @@
     const ITEM_SCAN_RESULT_UNKNOWN_FILE_CORE = 'scan-result-unknown-file-in-wordpress-core';
     const ITEM_SCAN_RESULT_SKIPPED_PATHS = 'scan-result-skipped-paths';
-    
+    const ITEM_SCAN_RESULT_REPAIR_MODIFIED_FILES = 'scan-result-repair-modified-files';
+
     const ITEM_TOOLS_TWO_FACTOR = 'tools-two-factor';
     const ITEM_TOOLS_LIVE_TRAFFIC = 'tools-live-traffic';
@@ -325 +326 @@
             case self::ITEM_SCAN_RESULT_UNKNOWN_FILE_CORE:
             case self::ITEM_SCAN_RESULT_SKIPPED_PATHS:
-                
+            case self::ITEM_SCAN_RESULT_REPAIR_MODIFIED_FILES:
+
             case self::ITEM_TOOLS_TWO_FACTOR:
             case self::ITEM_TOOLS_LIVE_TRAFFIC:

wordfence/tags/7.4.9/lib/wfUpdateCheck.php

@@ -10 +10 @@
     private $theme_updates = array();
     private $api = null;
+
+    public static function syncAllVersionInfo() {
+        // Load the core/plugin/theme versions into the WAF configuration.
+        wfConfig::set('wordpressVersion', wfUtils::getWPVersion());
+        wfWAFConfig::set('wordpressVersion', wfUtils::getWPVersion(), wfWAF::getInstance(), 'synced');
+
+        if (!function_exists('get_plugins')) {
+            require_once(ABSPATH . '/wp-admin/includes/plugin.php');
+        }
+
+        $pluginVersions = array();
+        foreach (get_plugins() as $pluginFile => $pluginData) {
+            $slug = plugin_basename($pluginFile);
+            if (preg_match('/^([^\/]+)\//', $pluginFile, $matches)) {
+                $slug = $matches[1];
+            } else if (preg_match('/^([^\/.]+)\.php$/', $pluginFile, $matches)) {
+                $slug = $matches[1];
+            }
+            $pluginVersions[$slug] = isset($pluginData['Version']) ? $pluginData['Version'] : null;
+        }
+
+        wfConfig::set_ser('wordpressPluginVersions', $pluginVersions);
+        wfWAFConfig::set('wordpressPluginVersions', $pluginVersions, wfWAF::getInstance(), 'synced');
+
+        if (!function_exists('wp_get_themes')) {
+            require_once(ABSPATH . '/wp-includes/theme.php');
+        }
+
+        $themeVersions = array();
+        foreach (wp_get_themes() as $slug => $theme) {
+            $themeVersions[$slug] = isset($theme['Version']) ? $theme['Version'] : null;
+        }
+
+        wfConfig::set_ser('wordpressThemeVersions', $themeVersions);
+        wfWAFConfig::set('wordpressThemeVersions', $themeVersions, wfWAF::getInstance(), 'synced');
+    }
 
     public function __construct() {

wordfence/tags/7.4.9/lib/wfVersionCheckController.php

@@ -6 +6 @@
     const VERSION_UNSUPPORTED = 'unsupported';
     
-    const PHP_DEPRECATING = '5.3.0'; //When greater than PHP_MINIMUM, will issue a discontinuing warning the first time we check it and find a version less than this (also applies to the other similar constant pairs)
-    const PHP_MINIMUM = '5.2.0'; //The currently supported minimum
+    const PHP_DEPRECATING = '5.5.0'; //When greater than PHP_MINIMUM, will issue a discontinuing warning the first time we check it and find a version less than this (also applies to the other similar constant pairs)
+    const PHP_MINIMUM = '5.3.0'; //The currently supported minimum
     
     const OPENSSL_DEPRECATING = '1.0.1'; 
@@ -48 +48 @@
                 'phpVersionCheckDeprecationEmail_' . self::PHP_DEPRECATING,
                 __('PHP version too old', 'wordfence'),
-                sprintf(__('Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
+                sprintf(__('Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
             );
             
@@ -54 +54 @@
                 'phpVersionCheckDeprecationNotice_' . self::PHP_DEPRECATING,
                 'phpVersionCheck',
-                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
+                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
             );
         }
@@ -61 +61 @@
                 'phpVersionCheckUnsupportedEmail_' . self::PHP_MINIMUM,
                 __('PHP version too old', 'wordfence'),
-                sprintf(__('Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
+                sprintf(__('Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
             );
             
@@ -67 +67 @@
                 'phpVersionCheckUnsupportedNotice_' . self::PHP_MINIMUM,
                 'phpVersionCheck',
-                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
+                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
             );
         }

wordfence/tags/7.4.9/lib/wordfenceClass.php

@@ -317 +317 @@
             wfScanEngine::startScan(false, wfScanner::SCAN_TYPE_QUICK);
         }
-        
+
+        wfUpdateCheck::syncAllVersionInfo();
+
         wfConfig::remove('lastPermissionsTemplateCheck');
     }
@@ -1279 +1281 @@
         
         add_action('upgrader_process_complete', 'wordfence::_refreshVulnerabilityCache');
+        add_action('upgrader_process_complete', 'wfUpdateCheck::syncAllVersionInfo');
         add_action('upgrader_process_complete', 'wordfence::_scheduleRefreshUpdateNotification', 99, 2);
         add_action('wordfence_refreshUpdateNotification', 'wordfence::_refreshUpdateNotification', 99, 0);
@@ -2223 +2226 @@
                     'betaThreatDefenseFeed' => !!wfConfig::get('betaThreatDefenseFeed'),
                     'disableWAFIPBlocking' => wfConfig::get('disableWAFIPBlocking'),
+                    'wordpressVersion' => wfConfig::get('wordpressVersion'),
+                    'wordpressPluginVersions' => wfConfig::get_ser('wordpressPluginVersions'),
+                    'wordpressThemeVersions' => wfConfig::get_ser('wordpressThemeVersions'),
                 );
                 if (wfUtils::isAdmin()) {
@@ -2529 +2535 @@
     public static function jsonAPIAuthorFilter($response, $handler, $request) {
         $route = $request->get_route();
-        if (!current_user_can('list_users')) {
+        if (!current_user_can('edit_others_posts')) {
             $urlBase = wfWP_REST_Users_Controller::wfGetURLBase();
             if (preg_match('~' . preg_quote($urlBase, '~') . '/*$~i', $route)) {
@@ -3491 +3497 @@
         return compact('result');
     }
+    public static function ajax_exportDiagnostics_callback(){
+        add_filter('gettext', 'wordfence::_diagnosticsTranslationDisabler', 0, 3);
+
+        $url = site_url();
+        $url = preg_replace('/^https?:\/\//i', '', $url);
+        $url = preg_replace('/[^a-zA-Z0-9\.]+/', '_', $url);
+        $url = preg_replace('/^_+/', '', $url);
+        $url = preg_replace('/_+$/', '', $url);
+
+        header('Content-Type: application/octet-stream');
+        header('Content-Disposition: attachment; filename="diagnostics_for_' . $url . '.txt"');
+
+        echo wfView::create('diagnostics/text', array(
+            'diagnostic' => new wfDiagnostic,
+            'plugins' => get_plugins(),
+        ));
+        exit;
+    }
     public static function _diagnosticsTranslationDisabler($translation, $text, $domain) {
         return $text;
@@ -5804 +5828 @@
             'switchTo2FANew', 'switchTo2FAOld',
             'wfcentral_step1', 'wfcentral_step2', 'wfcentral_step3', 'wfcentral_step4', 'wfcentral_step5', 'wfcentral_step6', 'wfcentral_disconnect',
+            'exportDiagnostics',
         ) as $func){
             add_action('wp_ajax_wordfence_' . $func, 'wordfence::ajaxReceiver');
@@ -5904 +5929 @@
             'modalHTMLTemplate' => wfView::create('common/modal-prompt', array('title' => '${title}', 'message' => '{{html message}}', 'primaryButton' => array('id' => 'wf-generic-modal-close', 'label' => __('Close', 'wordfence'), 'link' => '#')))->render(),
             'alertEmailBlacklist' => wfConfig::alertEmailBlacklist(),
+            'supportURLs' => array(
+                'scan-result-repair-modified-files' => esc_url_raw(wfSupportController::supportURL(wfSupportController::ITEM_SCAN_RESULT_REPAIR_MODIFIED_FILES)),
+            ),
             ));
     }
@@ -7526 +7554 @@
         $currentAutoPrependFile = ini_get('auto_prepend_file');
         $currentAutoPrepend = null;
-        if (isset($_POST['currentAutoPrepend']) && !WF_IS_WP_ENGINE) {
+        if (isset($_POST['currentAutoPrepend']) && !WF_IS_WP_ENGINE && !WF_IS_PRESSABLE) {
             $currentAutoPrepend = $_POST['currentAutoPrepend'];
         }
@@ -7688 +7716 @@
         
         try {
-            if ((!isset($_POST['iniModified']) || (isset($_POST['iniModified']) && !$_POST['iniModified']))) { //Uses .user.ini but not yet modified
+            if ((!isset($_POST['iniModified']) || (isset($_POST['iniModified']) && !$_POST['iniModified'])) && !WF_IS_PRESSABLE) { //Uses .user.ini but not yet modified
                 $hasPreviousAutoPrepend = $helper->performIniRemoval($wp_filesystem);
                 
@@ -7729 +7757 @@
             }
             else { //.user.ini and .htaccess modified if applicable and waiting period elapsed or otherwise ready to advance to next step
-                if (WFWAF_AUTO_PREPEND && !WFWAF_SUBDIRECTORY_INSTALL && !WF_IS_WP_ENGINE) { //.user.ini modified, but the WAF is still enabled
+                if (WFWAF_AUTO_PREPEND && !WFWAF_SUBDIRECTORY_INSTALL && !WF_IS_WP_ENGINE && !WF_IS_PRESSABLE) { //.user.ini modified, but the WAF is still enabled
                     $retryAttempted = (isset($_POST['retryAttempted']) && $_POST['retryAttempted']);
                     $userIniError = '<p class="wf-error">';
@@ -8489 +8517 @@
 
     public static function getWAFBootstrapPath() {
+        if (WF_IS_PRESSABLE) {
+            return WP_CONTENT_DIR . '/wordfence-waf.php';
+        }
         return ABSPATH . 'wordfence-waf.php';
     }

wordfence/tags/7.4.9/modules/login-security/wordfence-login-security.php

@@ -28 +28 @@
     
     define('WORDFENCE_LS_VERSION', '1.0.5');
-    define('WORDFENCE_LS_BUILD_NUMBER', '1592338782');
+    define('WORDFENCE_LS_BUILD_NUMBER', '1594219913');
     
     if (!defined('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES')) { define('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES', 15); }

wordfence/tags/7.4.9/readme.txt

@@ -5 +5 @@
 Requires PHP: 5.3
 Tested up to: 5.4
-Stable tag: 7.4.8
+Stable tag: 7.4.9
 
 Secure your website with the most comprehensive WordPress security plugin. Firewall, malware scan, blocking, live traffic, login security & more.
@@ -184 +184 @@
 == Changelog ==
 
+= 7.4.9 - July 8, 2020 =
+
+* Improvement: Added list of known malicious usernames to suspicious administrator scan.
+* Improvement: Added ability for the WAF to determine if a given plugin/theme/core version is installed.
+* Improvement: Added a feature to export a diagnostics report.
+* Improvement: Add php_errorlog to the list of downloadable logs in diagnostics.
+* Improvement: Added a prompt to allow user to download a backup prior to repairing files.
+* Improvement: Prevent scan from failing when the home URL has changed and the key is no longer valid.
+* Improvement: Deprecated PHP 5.3, and ended PHP 5.2 support by prevent auto-update from running on older versions.
+* Fix: Fixed issue where WAF mysqli storage engine cannot find credentials if wflogs/ does not exist.
+* Fix: Changed capability checked to read WP REST API users endpoint when "Prevent discovery of usernames through ..." is enabled.
+* Fix: Prevented duplicate queries for wordfenceCentralConnected wfconfig value.
+* Fix: Prevented custom wp-content or other directories from appearing in "skipped paths" scan result, even when scanned.
+* Fix: Login Attempts dashboard widget "Show more" link is not visible when long usernames and IPs cause wrapping.
+* Fix: Fix typo in the readme.
+
 = 7.4.8 - June 16, 2020 =
 * Fix: Fixed issue with fatal errors encountered during activation under certain conditions.
@@ -194 +210 @@
 * Improvement: Added the state/province name when applicable to geolocation displays in Live Traffic.
 * Improvement: New blocking page design to better inform blocked visitors on how to resolve the block.
-* Improvement: Custom WP_CONTENT_DIR, WP_PLUGIN_DUR, and UPLOADS path constants will now get scanned correctly.
+* Improvement: Custom WP_CONTENT_DIR, WP_PLUGIN_DIR, and UPLOADS path constants will now get scanned correctly.
 * Improvement: Added TLS connection failure detection to brute force reporting and checking and a corresponding backoff period.
 * Fix: Fixed an issue where a bad cron record could interfere with automatic WAF rule updates.

wordfence/tags/7.4.9/vendor/wordfence/wf-waf/src/init.php

@@ -6 +6 @@
 define('WFWAF_LIB_PATH', WFWAF_PATH . 'lib/');
 define('WFWAF_VIEW_PATH', WFWAF_PATH . 'views/');
-define('WFWAF_API_URL_SEC', 'https://noc4.wordfence.com/v1.8/');
+define('WFWAF_API_URL_SEC', 'https://noc4.wordfence.com/v1.9/');
 if (!defined('WFWAF_DEBUG')) {
     define('WFWAF_DEBUG', false);

wordfence/tags/7.4.9/vendor/wordfence/wf-waf/src/lib/rules.php

@@ -497 +497 @@
         'urlschemematches',
         'urlschemenotmatches',
+        'versionequals',
+        'versionnotequals',
+        'versiongreaterthan',
+        'versiongreaterthanequalto',
+        'versionlessthan',
+        'versionlessthanequalto',
     );
 
@@ -1132 +1138 @@
     }
 
+    public function versionEquals($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '==');
+    }
+
+    public function versionNotEquals($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '!=');
+    }
+
+    public function versionGreaterThan($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '>');
+    }
+
+    public function versionGreaterThanEqualTo($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '>=');
+    }
+
+    public function versionLessThan($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '<');
+    }
+
+    public function versionLessThanEqualTo($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '<=');
+    }
+
     /**
      * @return mixed

wordfence/tags/7.4.9/views/scanner/issue-control-repair.php

@@ -2 +2 @@
 if (!defined('WORDFENCE_VERSION')) { exit; }
 ?>
-{{if data.canFix}}<a href="#" class="wf-issue-control wf-issue-control-repair"><svg class="wf-issue-control-icon" viewBox="0 0 106.7 106.7"><path d="M104.94,18.77a4,4,0,0,0-1.17-2.93L90.86,2.93a4.25,4.25,0,0,0-5.87,0L1.17,86.75a4.25,4.25,0,0,0,0,5.86l12.91,12.91A4,4,0,0,0,17,106.7a4,4,0,0,0,2.93-1.17L103.77,21.7a4,4,0,0,0,1.17-2.93ZM75.8,37.87l-7-7,19.1-19.1,7,7Zm0,0"/><path d="M14.93,16.68l2-6.39,6.39-2-6.39-2L14.93,0,13,6.39l-6.39,2,6.39,2Zm0,0"/><path d="M31.87,24.77l3.91,12.77L39.7,24.77l12.77-3.91L39.7,16.95,35.78,4.17,31.87,16.95,19.1,20.86Zm0,0"/><path d="M100.31,48.1l-2-6.39-2,6.39-6.39,2,6.39,2,2,6.39,2-6.39,6.39-2Zm0,0"/><path d="M56.64,16.68l2-6.39,6.39-2-6.39-2L56.64,0l-2,6.39-6.39,2,6.39,2Zm0,0"/></svg><span class="wf-issue-control-label"><?php _e('Repair', 'wordfence'); ?></span></a>{{/if}}
+{{if data.canFix}}<a href="#" class="wf-issue-control wf-issue-control-repair" data-file="${data.file}"><svg class="wf-issue-control-icon" viewBox="0 0 106.7 106.7"><path d="M104.94,18.77a4,4,0,0,0-1.17-2.93L90.86,2.93a4.25,4.25,0,0,0-5.87,0L1.17,86.75a4.25,4.25,0,0,0,0,5.86l12.91,12.91A4,4,0,0,0,17,106.7a4,4,0,0,0,2.93-1.17L103.77,21.7a4,4,0,0,0,1.17-2.93ZM75.8,37.87l-7-7,19.1-19.1,7,7Zm0,0"/><path d="M14.93,16.68l2-6.39,6.39-2-6.39-2L14.93,0,13,6.39l-6.39,2,6.39,2Zm0,0"/><path d="M31.87,24.77l3.91,12.77L39.7,24.77l12.77-3.91L39.7,16.95,35.78,4.17,31.87,16.95,19.1,20.86Zm0,0"/><path d="M100.31,48.1l-2-6.39-2,6.39-6.39,2,6.39,2,2,6.39,2-6.39,6.39-2Zm0,0"/><path d="M56.64,16.68l2-6.39,6.39-2-6.39-2L56.64,0l-2,6.39-6.39,2,6.39,2Zm0,0"/></svg><span class="wf-issue-control-label"><?php _e('Repair', 'wordfence'); ?></span></a>{{/if}}

wordfence/tags/7.4.9/views/scanner/options-group-general.php

@@ -47 +47 @@
                         array('key' => 'scansEnabled_suspiciousOptions', 'label' => __('Scan WordPress core, plugin, and theme options for known dangerous URLs and suspicious content', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_MALWARE_OPTIONS)),
                         array('key' => 'scansEnabled_oldVersions', 'label' => __('Scan for out of date, abandoned, and vulnerable plugins, themes, and WordPress versions', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_UPDATES)),
-                        array('key' => 'scansEnabled_suspiciousAdminUsers', 'label' => __('Scan for admin users created outside of WordPress', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_UNKNOWN_ADMINS)),
+                        array('key' => 'scansEnabled_suspiciousAdminUsers', 'label' => __('Scan for suspicious admin users created outside of WordPress', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_UNKNOWN_ADMINS)),
                         array('key' => 'scansEnabled_passwds', 'label' => __('Check the strength of passwords', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_PASSWORD_STRENGTH)),
                         array('key' => 'scansEnabled_diskSpace', 'label' => __('Monitor disk space', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_DISK_SPACE)),

wordfence/tags/7.4.9/views/waf/waf-install.php

@@ -18 +18 @@
             <?php
             $currentAutoPrependFile = ini_get('auto_prepend_file');
-            if (empty($currentAutoPrependFile) || WF_IS_WP_ENGINE):
+            if (empty($currentAutoPrependFile) || WF_IS_WP_ENGINE || WF_IS_PRESSABLE):
             ?>
             <p><?php _e('To make your site as secure as possible, the Wordfence Web Application Firewall is designed to run via a PHP setting called <code>auto_prepend_file</code>, which ensures it runs before any potentially vulnerable code runs.', 'wordfence'); ?></p>

wordfence/tags/7.4.9/views/waf/waf-uninstall.php

@@ -17 +17 @@
         <div class="wf-modal-content">
         <?php
-        if (WF_IS_WP_ENGINE) {
+        if (WF_IS_WP_ENGINE || WF_IS_PRESSABLE) {
             $currentAutoPrependFile = wordfence::getWAFBootstrapPath();
         } else {

wordfence/tags/7.4.9/waf/bootstrap.php

@@ -12 +12 @@
 if (!defined('WF_IS_WP_ENGINE')) {
     define('WF_IS_WP_ENGINE', isset($_SERVER['IS_WPE']));
+}
+if (!defined('WF_IS_PRESSABLE')) {
+    define('WF_IS_PRESSABLE', (defined('IS_ATOMIC') && IS_ATOMIC) || (defined('IS_PRESSABLE') && IS_PRESSABLE));
 }
 
@@ -693 +696 @@
         @chmod(rtrim(WFWAF_LOG_PATH, '/') . '/.htaccess', (wfWAFWordPress::permissions() | 0444));
     }
+
+    public function getGlobal($global) {
+        if (wfWAFUtils::strpos($global, '.') === false) {
+            return null;
+        }
+        list($prefix, $_global) = explode('.', $global);
+        switch ($prefix) {
+            case 'wordpress':
+                if ($_global === 'core') {
+                    return $this->getStorageEngine()->getConfig('wordpressVersion', null, 'synced');
+                } else if ($_global === 'plugins') {
+                    return $this->getStorageEngine()->getConfig('wordpressPluginVersions', null, 'synced');
+                } else if ($_global === 'themes') {
+                    return $this->getStorageEngine()->getConfig('wordpressThemeVersions', null, 'synced');
+                }
+                break;
+        }
+        return parent::getGlobal($global);
+    }
+}
+
+class wfWAFWordPressStorageMySQL extends wfWAFStorageMySQL {
+
+    public function getSerializedParams() {
+        $params = parent::getSerializedParams();
+        $params[] = 'wordpressPluginVersions';
+        $params[] = 'wordpressThemeVersions';
+        return $params;
+    }
+
+    public function getAutoloadParams() {
+        $params = parent::getAutoloadParams();
+        $params['synced'][] = 'wordpressVersion';
+        $params['synced'][] = 'wordpressPluginVersions';
+        $params['synced'][] = 'wordpressThemeVersions';
+        return $params;
+    }
 }
 
@@ -718 +758 @@
             case 'mysqli':
                 // Find the wp-config.php
-                if (file_exists(dirname(WFWAF_LOG_PATH) . '/../wp-config.php')) {
-                    $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(WFWAF_LOG_PATH . '/../../wp-config.php');
-                } else if (file_exists(dirname(WFWAF_LOG_PATH) . '/../../wp-config.php')) {
-                    $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(WFWAF_LOG_PATH . '/../../../wp-config.php');
+                if (is_dir(dirname(WFWAF_LOG_PATH))) {
+                    if (file_exists(dirname(WFWAF_LOG_PATH) . '/../wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(dirname(WFWAF_LOG_PATH) . '/../wp-config.php');
+                    } else if (file_exists(dirname(WFWAF_LOG_PATH) . '/../../wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(dirname(WFWAF_LOG_PATH) . '/../../wp-config.php');
+                    }
+                } else if (!empty($_SERVER['DOCUMENT_ROOT'])) {
+                    if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig($_SERVER['DOCUMENT_ROOT'] . '/wp-config.php');
+                    } else if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/../wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig($_SERVER['DOCUMENT_ROOT'] . '/../wp-config.php');
+                    }
                 }
 
                 if (!empty($wfWAFDBCredentials)) {
-                    $wfWAFStorageEngine = new wfWAFStorageMySQL(new wfWAFStorageEngineMySQLi(), $wfWAFDBCredentials['tablePrefix']);
+                    $wfWAFStorageEngine = new wfWAFWordPressStorageMySQL(new wfWAFStorageEngineMySQLi(), $wfWAFDBCredentials['tablePrefix']);
                     $wfWAFStorageEngine->getDb()->connect(
                         $wfWAFDBCredentials['user'],

wordfence/tags/7.4.9/wordfence.php

@@ -5 +5 @@
 Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
 Author: Wordfence
-Version: 7.4.8
+Version: 7.4.9
 Author URI: http://www.wordfence.com/
 Network: true
@@ -16 +16 @@
     exit;
 }
-define('WORDFENCE_VERSION', '7.4.8');
-define('WORDFENCE_BUILD_NUMBER', '1592338782');
+define('WORDFENCE_VERSION', '7.4.9');
+define('WORDFENCE_BUILD_NUMBER', '1594219913');
 define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
     basename(dirname(__FILE__)) . '/' . basename(__FILE__));
@@ -37 +37 @@
 if (!defined('WF_IS_WP_ENGINE')) {
     define('WF_IS_WP_ENGINE', isset($_SERVER['IS_WPE']));
+}
+if (!defined('WF_IS_PRESSABLE')) {
+    define('WF_IS_PRESSABLE', (defined('IS_ATOMIC') && IS_ATOMIC) || (defined('IS_PRESSABLE') && IS_PRESSABLE));
 }
 

wordfence/trunk/lib/menu_options.php

@@ -163 +163 @@
                 'wf-option-scansEnabled-suspiciousOptions' => __('Scan WordPress core, plugin, and theme options for known dangerous URLs and suspicious content', 'wordfence'),
                 'wf-option-scansEnabled-oldVersions' => __('Scan for out of date, abandoned, and vulnerable plugins, themes, and WordPress versions', 'wordfence'),
-                'wf-option-scansEnabled-suspiciousAdminUsers' => __('Scan for admin users created outside of WordPress', 'wordfence'),
+                'wf-option-scansEnabled-suspiciousAdminUsers' => __('Scan for suspicious admin users created outside of WordPress', 'wordfence'),
                 'wf-option-scansEnabled-passwds' => __('Check the strength of passwords', 'wordfence'),
                 'wf-option-scansEnabled-diskSpace' => __('Monitor disk space', 'wordfence'),

wordfence/trunk/lib/menu_scanner.php

@@ -21 +21 @@
 }
 ?>
+<div id="wordfenceMode_scan"></div>
 <div class="wrap wordfence">
     <div class="wf-container-fluid">

wordfence/trunk/lib/menu_tools_diagnostic.php

@@ -40 +40 @@
                     <div id="sendByEmailDiv" class="wf-add-bottom">
                         <span class="wf-nowrap">
-                            <input class="wf-btn wf-btn-primary" type="submit" id="sendByEmail" value="Send Report by Email"/>
-                            <input class="wf-btn wf-btn-default" type="button" id="expandAllDiagnostics" value="Expand All Diagnostics"/>
+                            <input class="wf-btn wf-btn-primary wf-btn-sm" type="submit" id="exportDiagnostics" value="Export"/>
+                            <input class="wf-btn wf-btn-primary wf-btn-sm" type="submit" id="sendByEmail" value="Send Report by Email"/>
+                            <input class="wf-btn wf-btn-default wf-btn-sm" type="button" id="expandAllDiagnostics" value="Expand All Diagnostics"/>
                         </span>
                     </div>

wordfence/trunk/lib/wfCentralAPI.php

@@ -320 +320 @@
      */
     public static function isConnected() {
-        return self::isSupported() && ((bool) wfConfig::get('wordfenceCentralConnected', false));
+        return self::isSupported() && ((bool) self::_isConnected());
     }
 
@@ -327 +327 @@
      */
     public static function isPartialConnection() {
-        return !wfConfig::get('wordfenceCentralConnected') && wfConfig::get('wordfenceCentralSiteID');
+        return !self::_isConnected() && wfConfig::get('wordfenceCentralSiteID');
+    }
+
+    public static function _isConnected($forceUpdate = false) {
+        static $isConnected;
+        if (!isset($isConnected) || $forceUpdate) {
+            $isConnected = wfConfig::get('wordfenceCentralConnected', false);
+        }
+        return $isConnected;
     }
 

wordfence/trunk/lib/wfConfig.php

@@ -225 +225 @@
         ),
     );
-    public static $serializedOptions = array('lastAdminLogin', 'scanSched', 'emailedIssuesList', 'wf_summaryItems', 'adminUserList', 'twoFactorUsers', 'alertFreqTrack', 'wfStatusStartMsgs', 'vulnerabilities_plugin', 'vulnerabilities_theme', 'dashboardData', 'malwarePrefixes', 'coreHashes', 'noc1ScanSchedule', 'allScansScheduled', 'disclosureStates', 'scanStageStatuses', 'adminNoticeQueue');
+    public static $serializedOptions = array('lastAdminLogin', 'scanSched', 'emailedIssuesList', 'wf_summaryItems', 'adminUserList', 'twoFactorUsers', 'alertFreqTrack', 'wfStatusStartMsgs', 'vulnerabilities_plugin', 'vulnerabilities_theme', 'dashboardData', 'malwarePrefixes', 'coreHashes', 'noc1ScanSchedule', 'allScansScheduled', 'disclosureStates', 'scanStageStatuses', 'adminNoticeQueue', 'suspiciousAdminUsernames', 'wordpressPluginVersions', 'wordpressThemeVersions');
     // Configuration keypairs that can be set from Central.
     private static $wfCentralInternalConfig = array(
@@ -932 +932 @@
     }
     public static function autoUpdate(){
+        // Prevent auto-update for PHP 5.2. Consider tying this into `wfVersionCheckController::PHP_DEPRECATING`.
+        if (version_compare(PHP_VERSION, '5.3', '<')) {
+            return;
+        }
+
         if (!wfConfig::get('other_bypassLitespeedNoabort', false) && getenv('noabort') != '1' && stristr($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false) {
             $lastEmail = self::get('lastLiteSpdEmail', false);

wordfence/trunk/lib/wfDashboard.php

@@ -225 +225 @@
 
         // Wordfence Central
-        $this->wordfenceCentralConnected = wfConfig::get('wordfenceCentralConnected');
+        $this->wordfenceCentralConnected = wfCentral::_isConnected(); // This value is cached.
         $this->wordfenceCentralConnectTime = wfConfig::get('wordfenceCentralConnectTime');
         $this->wordfenceCentralConnectEmail = wfConfig::get('wordfenceCentralConnectEmail');

wordfence/trunk/lib/wfHelperString.php

@@ -20 +20 @@
         return $return_val;
     }
+
+    public static function plainTextTable($table) {
+        if (count($table) === 0) {
+            return '';
+        }
+        $colLengths = array();
+        for ($row = 0; $row < count($table); $row++) {
+            for ($col = 0; $col < count($table[$row]); $col++) {
+                foreach (explode("\n", $table[$row][$col]) as $colText) {
+                    if (!isset($colLengths[$col])) {
+                        $colLengths[$col] = strlen($colText);
+                        continue;
+                    }
+                    $len = strlen($colText);
+                    if ($len > $colLengths[$col]) {
+                        $colLengths[$col] = $len;
+                    }
+                }
+            }
+        }
+        $hr = str_repeat('-', array_sum($colLengths) + (count($colLengths) * 3) + 1);
+        $output = $hr . "\n";
+        for ($row = 0; $row < count($table); $row++) {
+            $colHeight = 0;
+            for ($col = 0; $col < count($table[$row]); $col++) {
+                $height = substr_count($table[$row][$col], "\n");
+                if ($height > $colHeight) {
+                    $colHeight = $height;
+                }
+            }
+            for ($colRow = 0; $colRow <= $colHeight; $colRow++) {
+                for ($col = 0; $col < count($table[$row]); $col++) {
+                    $colRows = explode("\n", $table[$row][$col]);
+                    $output .= '| ' . str_pad(isset($colRows[$colRow]) ? $colRows[$colRow] : '', $colLengths[$col], ' ', STR_PAD_RIGHT) . ' ';
+                }
+                $output .= "|\n";
+            }
+            if ($row === 0) {
+                $output .= $hr . "\n";
+            }
+        }
+        return trim($output . (count($table) > 1 ? $hr : ''));
+    }
 }

wordfence/trunk/lib/wfLog.php

@@ -1057 +1057 @@
 class wfAdminUserMonitor {
 
+    protected $currentAdminList = array();
+
     public function isEnabled() {
         $options = wfScanner::shared()->scanOptions();
@@ -1074 +1076 @@
     public function createInitialList() {
         $admins = $this->getCurrentAdmins();
-        wfConfig::set_ser('adminUserList', $admins);
+        $adminUserList = array();
+        foreach ($admins as $id => $user) {
+            $adminUserList[$id] = 1;
+        }
+        wfConfig::set_ser('adminUserList', $adminUserList);
     }
 
@@ -1136 +1142 @@
 
     /**
+     * @param bool $forceReload
      * @return array
      */
-    public function getCurrentAdmins() {
-        require_once(ABSPATH . WPINC . '/user.php');
-        if (is_multisite()) {
-            if (function_exists("get_sites")) {
-                $sites = get_sites(array(
-                    'network_id' => null,
+    public function getCurrentAdmins($forceReload = false) {
+        if (empty($this->currentAdminList) || $forceReload) {
+            require_once(ABSPATH . WPINC . '/user.php');
+            if (is_multisite()) {
+                if (function_exists("get_sites")) {
+                    $sites = get_sites(array(
+                        'network_id' => null,
+                    ));
+                }
+                else {
+                    $sites = wp_get_sites(array(
+                        'network_id' => null,
+                    ));
+                }
+            } else {
+                $sites = array(array(
+                    'blog_id' => get_current_blog_id(),
                 ));
             }
-            else {
-                $sites = wp_get_sites(array(
-                    'network_id' => null,
+
+            // not very efficient, but the WordPress API doesn't provide a good way to do this.
+            $this->currentAdminList = array();
+            foreach ($sites as $siteRow) {
+                $siteRowArray = (array) $siteRow;
+                $user_query = new WP_User_Query(array(
+                    'blog_id' => $siteRowArray['blog_id'],
+                    'role'    => 'administrator',
                 ));
-            }
-        } else {
-            $sites = array(array(
-                'blog_id' => get_current_blog_id(),
-            ));
-        }
-
-        // not very efficient, but the WordPress API doesn't provide a good way to do this.
-        $admins = array();
-        foreach ($sites as $siteRow) {
-            $siteRowArray = (array) $siteRow;
-            $user_query = new WP_User_Query(array(
-                'blog_id' => $siteRowArray['blog_id'],
-                'role'    => 'administrator',
-            ));
-            $users = $user_query->get_results();
-            if (is_array($users)) {
-                /** @var WP_User $user */
-                foreach ($users as $user) {
-                    $admins[$user->ID] = 1;
-                }
-            }
-        }
-
-        // Add any super admins that aren't also admins on a network
-        $superAdmins = get_super_admins();
-        foreach ($superAdmins as $userLogin) {
-            $user = get_user_by('login', $userLogin);
-            if ($user) {
-                $admins[$user->ID] = 1;
-            }
-        }
-        return $admins;
+                $users = $user_query->get_results();
+                if (is_array($users)) {
+                    /** @var WP_User $user */
+                    foreach ($users as $user) {
+                        $this->currentAdminList[$user->ID] = $user;
+                    }
+                }
+            }
+
+            // Add any super admins that aren't also admins on a network
+            $superAdmins = get_super_admins();
+            foreach ($superAdmins as $userLogin) {
+                $user = get_user_by('login', $userLogin);
+                if ($user) {
+                    $this->currentAdminList[$user->ID] = $user;
+                }
+            }
+        }
+
+        return $this->currentAdminList;
     }
 
@@ -1995 +2005 @@
         if (is_file($path)) {
             $file = basename($path);
-            if (preg_match('#(?:error_log(\-\d+)?$|\.log$)#i', $file)) {
+            if (preg_match('#(?:^php_errorlog$|error_log(\-\d+)?$|\.log$)#i', $file)) {
                 return array($path => is_readable($path));
             }

wordfence/trunk/lib/wfScan.php

@@ -257 +257 @@
             self::status(2, 'info', "Wordfence used " . wfUtils::formatBytes($peakMemory - self::$peakMemAtStart) . " of memory for scan. Server peak memory usage was: " . wfUtils::formatBytes($peakMemory));
             self::status(2, 'error', "Scan terminated with error: " . $e->getMessage());
+
+            if (preg_match('/The Wordfence API key you\'re using is already being used by: (\S*?) /', $e->getMessage(), $matches)) {
+                wordfence::alert(__('Wordfence scan failed because of license site URL conflict', 'wordfence'), sprintf(__(<<<MSG
+The Wordfence scan has failed because the Wordfence API key you're using is already being used by: %s
+
+If you have changed your blog URL, please sign-in to Wordfence, purchase a new key or reset an existing key, and then enter that key on this site's Wordfence Options page.
+MSG
+                    , 'wordfence'), $matches[1]), false);
+            }
+
             exit();
         }

wordfence/trunk/lib/wfScanEngine.php

@@ -815 +815 @@
                 $fullFile = rtrim(ABSPATH, '/') . '/' . $file;
                 if (!wfUtils::fileTooBig($fullFile)) { //Silently ignore files that are too large for the purposes of inclusion in the scan issue
-                    if (in_array($file, $base_abspath_relative) || (@is_file($fullFile) && @is_readable($fullFile))) {
+                    if (in_array($file, $base_abspath_relative) || in_array($fullFile, $base_absolute) || (@is_file($fullFile) && @is_readable($fullFile))) {
                         $scanned[] = realpath($fullFile);
                     }
@@ -1802 +1802 @@
 
         $adminUsers = new wfAdminUserMonitor();
-        if ($adminUsers->isEnabled() && $suspiciousAdmins = $adminUsers->checkNewAdmins()) {
-            foreach ($suspiciousAdmins as $userID) {
-                $this->scanController->incrementSummaryItem(wfScanner::SUMMARY_SCANNED_USERS);
-                $user = new WP_User($userID);
+        if ($adminUsers->isEnabled()) {
+            try {
+                $response = $this->api->call('suspicious_admin_usernames');
+                if (is_array($response) && isset($response['ok']) && wfUtils::truthyToBoolean($response['ok']) && !empty($response['patterns'])) {
+                    wfConfig::set_ser('suspiciousAdminUsernames', $response['patterns']);
+                }
+            } catch (Exception $e) {
+                // Let the rest of the scan continue
+            }
+
+            $suspiciousAdmins = $adminUsers->checkNewAdmins();
+            if (is_array($suspiciousAdmins)) {
+                foreach ($suspiciousAdmins as $userID) {
+                    $this->scanController->incrementSummaryItem(wfScanner::SUMMARY_SCANNED_USERS);
+                    $user = new WP_User($userID);
+                    $key = 'suspiciousAdminUsers' . $userID;
+                    $added = $this->addIssue('suspiciousAdminUsers', wfIssues::SEVERITY_HIGH, $key, $key,
+                        sprintf(__("An admin user with the username %s was created outside of WordPress.", 'wordfence'), esc_html($user->user_login)),
+                        sprintf(__("An admin user with the username %s was created outside of WordPress. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it.", 'wordfence'), esc_html($user->user_login)),
+                        array(
+                            'userID' => $userID,
+                        ));
+                    if ($added == wfIssues::ISSUE_ADDED || $added == wfIssues::ISSUE_UPDATED) { $haveIssues = wfIssues::STATUS_PROBLEM; }
+                    else if ($haveIssues != wfIssues::STATUS_PROBLEM && ($added == wfIssues::ISSUE_IGNOREP || $added == wfIssues::ISSUE_IGNOREC)) { $haveIssues = wfIssues::STATUS_IGNORED; }
+                }
+            }
+
+            $admins = $adminUsers->getCurrentAdmins();
+            /**
+             * @var WP_User $adminUser
+             */
+            foreach ($admins as $userID => $adminUser) {
+                $added = false;
                 $key = 'suspiciousAdminUsers' . $userID;
-                $added = $this->addIssue('suspiciousAdminUsers', wfIssues::SEVERITY_HIGH, $key, $key,
-                    "An admin user with the username " . esc_html($user->user_login) . " was created outside of WordPress.",
-                    "An admin user with the username " . esc_html($user->user_login) . " was created outside of WordPress. It's
-                possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove
-                it.",
-                    array(
-                        'userID' => $userID,
-                    ));
+
+                // Check against user name list here.
+                $suspiciousAdminUsernames = wfConfig::get_ser('suspiciousAdminUsernames');
+                if (is_array($suspiciousAdminUsernames)) {
+                    foreach ($suspiciousAdminUsernames as $usernamePattern) {
+                        if (preg_match($usernamePattern, $adminUser->user_login)) {
+                            $added = $this->addIssue('suspiciousAdminUsers', wfIssues::SEVERITY_HIGH, $key, $key,
+                                sprintf(__("An admin user with a suspicious username %s was found.", 'wordfence'), esc_html($adminUser->user_login)),
+                                sprintf(__("An admin user with a suspicious username %s was found. Administrators accounts with usernames similar to this are commonly seen created by hackers. It's possible a plugin could have created the account, but if you do not recognize the user, we suggest you remove it.", 'wordfence'), esc_html($adminUser->user_login)),
+                                array(
+                                    'userID' => $userID,
+                                ));
+                        }
+                    }
+                }
+
                 if ($added == wfIssues::ISSUE_ADDED || $added == wfIssues::ISSUE_UPDATED) { $haveIssues = wfIssues::STATUS_PROBLEM; }
                 else if ($haveIssues != wfIssues::STATUS_PROBLEM && ($added == wfIssues::ISSUE_IGNOREP || $added == wfIssues::ISSUE_IGNOREC)) { $haveIssues = wfIssues::STATUS_IGNORED; }

wordfence/trunk/lib/wfSupportController.php

@@ -148 +148 @@
     const ITEM_SCAN_RESULT_UNKNOWN_FILE_CORE = 'scan-result-unknown-file-in-wordpress-core';
     const ITEM_SCAN_RESULT_SKIPPED_PATHS = 'scan-result-skipped-paths';
-    
+    const ITEM_SCAN_RESULT_REPAIR_MODIFIED_FILES = 'scan-result-repair-modified-files';
+
     const ITEM_TOOLS_TWO_FACTOR = 'tools-two-factor';
     const ITEM_TOOLS_LIVE_TRAFFIC = 'tools-live-traffic';
@@ -325 +326 @@
             case self::ITEM_SCAN_RESULT_UNKNOWN_FILE_CORE:
             case self::ITEM_SCAN_RESULT_SKIPPED_PATHS:
-                
+            case self::ITEM_SCAN_RESULT_REPAIR_MODIFIED_FILES:
+
             case self::ITEM_TOOLS_TWO_FACTOR:
             case self::ITEM_TOOLS_LIVE_TRAFFIC:

wordfence/trunk/lib/wfUpdateCheck.php

@@ -10 +10 @@
     private $theme_updates = array();
     private $api = null;
+
+    public static function syncAllVersionInfo() {
+        // Load the core/plugin/theme versions into the WAF configuration.
+        wfConfig::set('wordpressVersion', wfUtils::getWPVersion());
+        wfWAFConfig::set('wordpressVersion', wfUtils::getWPVersion(), wfWAF::getInstance(), 'synced');
+
+        if (!function_exists('get_plugins')) {
+            require_once(ABSPATH . '/wp-admin/includes/plugin.php');
+        }
+
+        $pluginVersions = array();
+        foreach (get_plugins() as $pluginFile => $pluginData) {
+            $slug = plugin_basename($pluginFile);
+            if (preg_match('/^([^\/]+)\//', $pluginFile, $matches)) {
+                $slug = $matches[1];
+            } else if (preg_match('/^([^\/.]+)\.php$/', $pluginFile, $matches)) {
+                $slug = $matches[1];
+            }
+            $pluginVersions[$slug] = isset($pluginData['Version']) ? $pluginData['Version'] : null;
+        }
+
+        wfConfig::set_ser('wordpressPluginVersions', $pluginVersions);
+        wfWAFConfig::set('wordpressPluginVersions', $pluginVersions, wfWAF::getInstance(), 'synced');
+
+        if (!function_exists('wp_get_themes')) {
+            require_once(ABSPATH . '/wp-includes/theme.php');
+        }
+
+        $themeVersions = array();
+        foreach (wp_get_themes() as $slug => $theme) {
+            $themeVersions[$slug] = isset($theme['Version']) ? $theme['Version'] : null;
+        }
+
+        wfConfig::set_ser('wordpressThemeVersions', $themeVersions);
+        wfWAFConfig::set('wordpressThemeVersions', $themeVersions, wfWAF::getInstance(), 'synced');
+    }
 
     public function __construct() {

wordfence/trunk/lib/wfVersionCheckController.php

@@ -6 +6 @@
     const VERSION_UNSUPPORTED = 'unsupported';
     
-    const PHP_DEPRECATING = '5.3.0'; //When greater than PHP_MINIMUM, will issue a discontinuing warning the first time we check it and find a version less than this (also applies to the other similar constant pairs)
-    const PHP_MINIMUM = '5.2.0'; //The currently supported minimum
+    const PHP_DEPRECATING = '5.5.0'; //When greater than PHP_MINIMUM, will issue a discontinuing warning the first time we check it and find a version less than this (also applies to the other similar constant pairs)
+    const PHP_MINIMUM = '5.3.0'; //The currently supported minimum
     
     const OPENSSL_DEPRECATING = '1.0.1'; 
@@ -48 +48 @@
                 'phpVersionCheckDeprecationEmail_' . self::PHP_DEPRECATING,
                 __('PHP version too old', 'wordfence'),
-                sprintf(__('Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
+                sprintf(__('Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
             );
             
@@ -54 +54 @@
                 'phpVersionCheckDeprecationNotice_' . self::PHP_DEPRECATING,
                 'phpVersionCheck',
-                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
+                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that will no longer be supported by Wordfence in an upcoming release and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
             );
         }
@@ -61 +61 @@
                 'phpVersionCheckUnsupportedEmail_' . self::PHP_MINIMUM,
                 __('PHP version too old', 'wordfence'),
-                sprintf(__('Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
+                sprintf(__('Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' ' . sprintf(__('Learn More: %s', 'wordfence'), wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP))
             );
             
@@ -67 +67 @@
                 'phpVersionCheckUnsupportedNotice_' . self::PHP_MINIMUM,
                 'phpVersionCheck',
-                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP 7.x or 5.6 but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
+                sprintf(__('<strong>WARNING: </strong> Your site is using a PHP version (%s) that is no longer supported by Wordfence and needs to be updated. We recommend using the newest version of PHP available but will currently support PHP versions as old as %s. Version checks are run regularly, so if you have successfully updated, you can dismiss this notice or check that the update has taken effect later.', 'wordfence'), phpversion(), self::PHP_DEPRECATING) . ' <a href="' . wfSupportController::esc_supportURL(wfSupportController::ITEM_VERSION_PHP) . '" target="_blank" rel="noopener noreferrer">' . __('Learn More', 'wordfence') . '</a>'
             );
         }

wordfence/trunk/lib/wordfenceClass.php

@@ -317 +317 @@
             wfScanEngine::startScan(false, wfScanner::SCAN_TYPE_QUICK);
         }
-        
+
+        wfUpdateCheck::syncAllVersionInfo();
+
         wfConfig::remove('lastPermissionsTemplateCheck');
     }
@@ -1279 +1281 @@
         
         add_action('upgrader_process_complete', 'wordfence::_refreshVulnerabilityCache');
+        add_action('upgrader_process_complete', 'wfUpdateCheck::syncAllVersionInfo');
         add_action('upgrader_process_complete', 'wordfence::_scheduleRefreshUpdateNotification', 99, 2);
         add_action('wordfence_refreshUpdateNotification', 'wordfence::_refreshUpdateNotification', 99, 0);
@@ -2223 +2226 @@
                     'betaThreatDefenseFeed' => !!wfConfig::get('betaThreatDefenseFeed'),
                     'disableWAFIPBlocking' => wfConfig::get('disableWAFIPBlocking'),
+                    'wordpressVersion' => wfConfig::get('wordpressVersion'),
+                    'wordpressPluginVersions' => wfConfig::get_ser('wordpressPluginVersions'),
+                    'wordpressThemeVersions' => wfConfig::get_ser('wordpressThemeVersions'),
                 );
                 if (wfUtils::isAdmin()) {
@@ -2529 +2535 @@
     public static function jsonAPIAuthorFilter($response, $handler, $request) {
         $route = $request->get_route();
-        if (!current_user_can('list_users')) {
+        if (!current_user_can('edit_others_posts')) {
             $urlBase = wfWP_REST_Users_Controller::wfGetURLBase();
             if (preg_match('~' . preg_quote($urlBase, '~') . '/*$~i', $route)) {
@@ -3491 +3497 @@
         return compact('result');
     }
+    public static function ajax_exportDiagnostics_callback(){
+        add_filter('gettext', 'wordfence::_diagnosticsTranslationDisabler', 0, 3);
+
+        $url = site_url();
+        $url = preg_replace('/^https?:\/\//i', '', $url);
+        $url = preg_replace('/[^a-zA-Z0-9\.]+/', '_', $url);
+        $url = preg_replace('/^_+/', '', $url);
+        $url = preg_replace('/_+$/', '', $url);
+
+        header('Content-Type: application/octet-stream');
+        header('Content-Disposition: attachment; filename="diagnostics_for_' . $url . '.txt"');
+
+        echo wfView::create('diagnostics/text', array(
+            'diagnostic' => new wfDiagnostic,
+            'plugins' => get_plugins(),
+        ));
+        exit;
+    }
     public static function _diagnosticsTranslationDisabler($translation, $text, $domain) {
         return $text;
@@ -5804 +5828 @@
             'switchTo2FANew', 'switchTo2FAOld',
             'wfcentral_step1', 'wfcentral_step2', 'wfcentral_step3', 'wfcentral_step4', 'wfcentral_step5', 'wfcentral_step6', 'wfcentral_disconnect',
+            'exportDiagnostics',
         ) as $func){
             add_action('wp_ajax_wordfence_' . $func, 'wordfence::ajaxReceiver');
@@ -5904 +5929 @@
             'modalHTMLTemplate' => wfView::create('common/modal-prompt', array('title' => '${title}', 'message' => '{{html message}}', 'primaryButton' => array('id' => 'wf-generic-modal-close', 'label' => __('Close', 'wordfence'), 'link' => '#')))->render(),
             'alertEmailBlacklist' => wfConfig::alertEmailBlacklist(),
+            'supportURLs' => array(
+                'scan-result-repair-modified-files' => esc_url_raw(wfSupportController::supportURL(wfSupportController::ITEM_SCAN_RESULT_REPAIR_MODIFIED_FILES)),
+            ),
             ));
     }
@@ -7526 +7554 @@
         $currentAutoPrependFile = ini_get('auto_prepend_file');
         $currentAutoPrepend = null;
-        if (isset($_POST['currentAutoPrepend']) && !WF_IS_WP_ENGINE) {
+        if (isset($_POST['currentAutoPrepend']) && !WF_IS_WP_ENGINE && !WF_IS_PRESSABLE) {
             $currentAutoPrepend = $_POST['currentAutoPrepend'];
         }
@@ -7688 +7716 @@
         
         try {
-            if ((!isset($_POST['iniModified']) || (isset($_POST['iniModified']) && !$_POST['iniModified']))) { //Uses .user.ini but not yet modified
+            if ((!isset($_POST['iniModified']) || (isset($_POST['iniModified']) && !$_POST['iniModified'])) && !WF_IS_PRESSABLE) { //Uses .user.ini but not yet modified
                 $hasPreviousAutoPrepend = $helper->performIniRemoval($wp_filesystem);
                 
@@ -7729 +7757 @@
             }
             else { //.user.ini and .htaccess modified if applicable and waiting period elapsed or otherwise ready to advance to next step
-                if (WFWAF_AUTO_PREPEND && !WFWAF_SUBDIRECTORY_INSTALL && !WF_IS_WP_ENGINE) { //.user.ini modified, but the WAF is still enabled
+                if (WFWAF_AUTO_PREPEND && !WFWAF_SUBDIRECTORY_INSTALL && !WF_IS_WP_ENGINE && !WF_IS_PRESSABLE) { //.user.ini modified, but the WAF is still enabled
                     $retryAttempted = (isset($_POST['retryAttempted']) && $_POST['retryAttempted']);
                     $userIniError = '<p class="wf-error">';
@@ -8489 +8517 @@
 
     public static function getWAFBootstrapPath() {
+        if (WF_IS_PRESSABLE) {
+            return WP_CONTENT_DIR . '/wordfence-waf.php';
+        }
         return ABSPATH . 'wordfence-waf.php';
     }

wordfence/trunk/modules/login-security/wordfence-login-security.php

@@ -28 +28 @@
     
     define('WORDFENCE_LS_VERSION', '1.0.5');
-    define('WORDFENCE_LS_BUILD_NUMBER', '1592338782');
+    define('WORDFENCE_LS_BUILD_NUMBER', '1594219913');
     
     if (!defined('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES')) { define('WORDFENCE_LS_EMAIL_VALIDITY_DURATION_MINUTES', 15); }

wordfence/trunk/readme.txt

@@ -184 +184 @@
 == Changelog ==
 
+= 7.4.9 - July 8, 2020 =
+
+* Improvement: Added list of known malicious usernames to suspicious administrator scan.
+* Improvement: Added ability for the WAF to determine if a given plugin/theme/core version is installed.
+* Improvement: Added a feature to export a diagnostics report.
+* Improvement: Add php_errorlog to the list of downloadable logs in diagnostics.
+* Improvement: Added a prompt to allow user to download a backup prior to repairing files.
+* Improvement: Prevent scan from failing when the home URL has changed and the key is no longer valid.
+* Improvement: Deprecated PHP 5.3, and ended PHP 5.2 support by prevent auto-update from running on older versions.
+* Fix: Fixed issue where WAF mysqli storage engine cannot find credentials if wflogs/ does not exist.
+* Fix: Changed capability checked to read WP REST API users endpoint when "Prevent discovery of usernames through ..." is enabled.
+* Fix: Prevented duplicate queries for wordfenceCentralConnected wfconfig value.
+* Fix: Prevented custom wp-content or other directories from appearing in "skipped paths" scan result, even when scanned.
+* Fix: Login Attempts dashboard widget "Show more" link is not visible when long usernames and IPs cause wrapping.
+* Fix: Fix typo in the readme.
+
 = 7.4.8 - June 16, 2020 =
 * Fix: Fixed issue with fatal errors encountered during activation under certain conditions.
@@ -194 +210 @@
 * Improvement: Added the state/province name when applicable to geolocation displays in Live Traffic.
 * Improvement: New blocking page design to better inform blocked visitors on how to resolve the block.
-* Improvement: Custom WP_CONTENT_DIR, WP_PLUGIN_DUR, and UPLOADS path constants will now get scanned correctly.
+* Improvement: Custom WP_CONTENT_DIR, WP_PLUGIN_DIR, and UPLOADS path constants will now get scanned correctly.
 * Improvement: Added TLS connection failure detection to brute force reporting and checking and a corresponding backoff period.
 * Fix: Fixed an issue where a bad cron record could interfere with automatic WAF rule updates.

wordfence/trunk/vendor/wordfence/wf-waf/src/init.php

@@ -6 +6 @@
 define('WFWAF_LIB_PATH', WFWAF_PATH . 'lib/');
 define('WFWAF_VIEW_PATH', WFWAF_PATH . 'views/');
-define('WFWAF_API_URL_SEC', 'https://noc4.wordfence.com/v1.8/');
+define('WFWAF_API_URL_SEC', 'https://noc4.wordfence.com/v1.9/');
 if (!defined('WFWAF_DEBUG')) {
     define('WFWAF_DEBUG', false);

wordfence/trunk/vendor/wordfence/wf-waf/src/lib/rules.php

@@ -497 +497 @@
         'urlschemematches',
         'urlschemenotmatches',
+        'versionequals',
+        'versionnotequals',
+        'versiongreaterthan',
+        'versiongreaterthanequalto',
+        'versionlessthan',
+        'versionlessthanequalto',
     );
 
@@ -1132 +1138 @@
     }
 
+    public function versionEquals($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '==');
+    }
+
+    public function versionNotEquals($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '!=');
+    }
+
+    public function versionGreaterThan($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '>');
+    }
+
+    public function versionGreaterThanEqualTo($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '>=');
+    }
+
+    public function versionLessThan($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '<');
+    }
+
+    public function versionLessThanEqualTo($subject) {
+        if ($subject === null) {
+            return false;
+        }
+        return version_compare($subject, $this->getExpected(), '<=');
+    }
+
     /**
      * @return mixed

wordfence/trunk/views/scanner/issue-control-repair.php

@@ -2 +2 @@
 if (!defined('WORDFENCE_VERSION')) { exit; }
 ?>
-{{if data.canFix}}<a href="#" class="wf-issue-control wf-issue-control-repair"><svg class="wf-issue-control-icon" viewBox="0 0 106.7 106.7"><path d="M104.94,18.77a4,4,0,0,0-1.17-2.93L90.86,2.93a4.25,4.25,0,0,0-5.87,0L1.17,86.75a4.25,4.25,0,0,0,0,5.86l12.91,12.91A4,4,0,0,0,17,106.7a4,4,0,0,0,2.93-1.17L103.77,21.7a4,4,0,0,0,1.17-2.93ZM75.8,37.87l-7-7,19.1-19.1,7,7Zm0,0"/><path d="M14.93,16.68l2-6.39,6.39-2-6.39-2L14.93,0,13,6.39l-6.39,2,6.39,2Zm0,0"/><path d="M31.87,24.77l3.91,12.77L39.7,24.77l12.77-3.91L39.7,16.95,35.78,4.17,31.87,16.95,19.1,20.86Zm0,0"/><path d="M100.31,48.1l-2-6.39-2,6.39-6.39,2,6.39,2,2,6.39,2-6.39,6.39-2Zm0,0"/><path d="M56.64,16.68l2-6.39,6.39-2-6.39-2L56.64,0l-2,6.39-6.39,2,6.39,2Zm0,0"/></svg><span class="wf-issue-control-label"><?php _e('Repair', 'wordfence'); ?></span></a>{{/if}}
+{{if data.canFix}}<a href="#" class="wf-issue-control wf-issue-control-repair" data-file="${data.file}"><svg class="wf-issue-control-icon" viewBox="0 0 106.7 106.7"><path d="M104.94,18.77a4,4,0,0,0-1.17-2.93L90.86,2.93a4.25,4.25,0,0,0-5.87,0L1.17,86.75a4.25,4.25,0,0,0,0,5.86l12.91,12.91A4,4,0,0,0,17,106.7a4,4,0,0,0,2.93-1.17L103.77,21.7a4,4,0,0,0,1.17-2.93ZM75.8,37.87l-7-7,19.1-19.1,7,7Zm0,0"/><path d="M14.93,16.68l2-6.39,6.39-2-6.39-2L14.93,0,13,6.39l-6.39,2,6.39,2Zm0,0"/><path d="M31.87,24.77l3.91,12.77L39.7,24.77l12.77-3.91L39.7,16.95,35.78,4.17,31.87,16.95,19.1,20.86Zm0,0"/><path d="M100.31,48.1l-2-6.39-2,6.39-6.39,2,6.39,2,2,6.39,2-6.39,6.39-2Zm0,0"/><path d="M56.64,16.68l2-6.39,6.39-2-6.39-2L56.64,0l-2,6.39-6.39,2,6.39,2Zm0,0"/></svg><span class="wf-issue-control-label"><?php _e('Repair', 'wordfence'); ?></span></a>{{/if}}

wordfence/trunk/views/scanner/options-group-general.php

@@ -47 +47 @@
                         array('key' => 'scansEnabled_suspiciousOptions', 'label' => __('Scan WordPress core, plugin, and theme options for known dangerous URLs and suspicious content', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_MALWARE_OPTIONS)),
                         array('key' => 'scansEnabled_oldVersions', 'label' => __('Scan for out of date, abandoned, and vulnerable plugins, themes, and WordPress versions', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_UPDATES)),
-                        array('key' => 'scansEnabled_suspiciousAdminUsers', 'label' => __('Scan for admin users created outside of WordPress', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_UNKNOWN_ADMINS)),
+                        array('key' => 'scansEnabled_suspiciousAdminUsers', 'label' => __('Scan for suspicious admin users created outside of WordPress', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_UNKNOWN_ADMINS)),
                         array('key' => 'scansEnabled_passwds', 'label' => __('Check the strength of passwords', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_PASSWORD_STRENGTH)),
                         array('key' => 'scansEnabled_diskSpace', 'label' => __('Monitor disk space', 'wordfence'), 'helpLink' => wfSupportController::supportURL(wfSupportController::ITEM_SCAN_OPTION_DISK_SPACE)),

wordfence/trunk/views/waf/waf-install.php

@@ -18 +18 @@
             <?php
             $currentAutoPrependFile = ini_get('auto_prepend_file');
-            if (empty($currentAutoPrependFile) || WF_IS_WP_ENGINE):
+            if (empty($currentAutoPrependFile) || WF_IS_WP_ENGINE || WF_IS_PRESSABLE):
             ?>
             <p><?php _e('To make your site as secure as possible, the Wordfence Web Application Firewall is designed to run via a PHP setting called <code>auto_prepend_file</code>, which ensures it runs before any potentially vulnerable code runs.', 'wordfence'); ?></p>

wordfence/trunk/views/waf/waf-uninstall.php

@@ -17 +17 @@
         <div class="wf-modal-content">
         <?php
-        if (WF_IS_WP_ENGINE) {
+        if (WF_IS_WP_ENGINE || WF_IS_PRESSABLE) {
             $currentAutoPrependFile = wordfence::getWAFBootstrapPath();
         } else {

wordfence/trunk/waf/bootstrap.php

@@ -12 +12 @@
 if (!defined('WF_IS_WP_ENGINE')) {
     define('WF_IS_WP_ENGINE', isset($_SERVER['IS_WPE']));
+}
+if (!defined('WF_IS_PRESSABLE')) {
+    define('WF_IS_PRESSABLE', (defined('IS_ATOMIC') && IS_ATOMIC) || (defined('IS_PRESSABLE') && IS_PRESSABLE));
 }
 
@@ -693 +696 @@
         @chmod(rtrim(WFWAF_LOG_PATH, '/') . '/.htaccess', (wfWAFWordPress::permissions() | 0444));
     }
+
+    public function getGlobal($global) {
+        if (wfWAFUtils::strpos($global, '.') === false) {
+            return null;
+        }
+        list($prefix, $_global) = explode('.', $global);
+        switch ($prefix) {
+            case 'wordpress':
+                if ($_global === 'core') {
+                    return $this->getStorageEngine()->getConfig('wordpressVersion', null, 'synced');
+                } else if ($_global === 'plugins') {
+                    return $this->getStorageEngine()->getConfig('wordpressPluginVersions', null, 'synced');
+                } else if ($_global === 'themes') {
+                    return $this->getStorageEngine()->getConfig('wordpressThemeVersions', null, 'synced');
+                }
+                break;
+        }
+        return parent::getGlobal($global);
+    }
+}
+
+class wfWAFWordPressStorageMySQL extends wfWAFStorageMySQL {
+
+    public function getSerializedParams() {
+        $params = parent::getSerializedParams();
+        $params[] = 'wordpressPluginVersions';
+        $params[] = 'wordpressThemeVersions';
+        return $params;
+    }
+
+    public function getAutoloadParams() {
+        $params = parent::getAutoloadParams();
+        $params['synced'][] = 'wordpressVersion';
+        $params['synced'][] = 'wordpressPluginVersions';
+        $params['synced'][] = 'wordpressThemeVersions';
+        return $params;
+    }
 }
 
@@ -718 +758 @@
             case 'mysqli':
                 // Find the wp-config.php
-                if (file_exists(dirname(WFWAF_LOG_PATH) . '/../wp-config.php')) {
-                    $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(WFWAF_LOG_PATH . '/../../wp-config.php');
-                } else if (file_exists(dirname(WFWAF_LOG_PATH) . '/../../wp-config.php')) {
-                    $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(WFWAF_LOG_PATH . '/../../../wp-config.php');
+                if (is_dir(dirname(WFWAF_LOG_PATH))) {
+                    if (file_exists(dirname(WFWAF_LOG_PATH) . '/../wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(dirname(WFWAF_LOG_PATH) . '/../wp-config.php');
+                    } else if (file_exists(dirname(WFWAF_LOG_PATH) . '/../../wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig(dirname(WFWAF_LOG_PATH) . '/../../wp-config.php');
+                    }
+                } else if (!empty($_SERVER['DOCUMENT_ROOT'])) {
+                    if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig($_SERVER['DOCUMENT_ROOT'] . '/wp-config.php');
+                    } else if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/../wp-config.php')) {
+                        $wfWAFDBCredentials = wfWAFUtils::extractCredentialsWPConfig($_SERVER['DOCUMENT_ROOT'] . '/../wp-config.php');
+                    }
                 }
 
                 if (!empty($wfWAFDBCredentials)) {
-                    $wfWAFStorageEngine = new wfWAFStorageMySQL(new wfWAFStorageEngineMySQLi(), $wfWAFDBCredentials['tablePrefix']);
+                    $wfWAFStorageEngine = new wfWAFWordPressStorageMySQL(new wfWAFStorageEngineMySQLi(), $wfWAFDBCredentials['tablePrefix']);
                     $wfWAFStorageEngine->getDb()->connect(
                         $wfWAFDBCredentials['user'],

wordfence/trunk/wordfence.php

@@ -5 +5 @@
 Description: Wordfence Security - Anti-virus, Firewall and Malware Scan
 Author: Wordfence
-Version: 7.4.8
+Version: 7.4.9
 Author URI: http://www.wordfence.com/
 Network: true
@@ -16 +16 @@
     exit;
 }
-define('WORDFENCE_VERSION', '7.4.8');
-define('WORDFENCE_BUILD_NUMBER', '1592338782');
+define('WORDFENCE_VERSION', '7.4.9');
+define('WORDFENCE_BUILD_NUMBER', '1594219913');
 define('WORDFENCE_BASENAME', function_exists('plugin_basename') ? plugin_basename(__FILE__) :
     basename(dirname(__FILE__)) . '/' . basename(__FILE__));
@@ -37 +37 @@
 if (!defined('WF_IS_WP_ENGINE')) {
     define('WF_IS_WP_ENGINE', isset($_SERVER['IS_WPE']));
+}
+if (!defined('WF_IS_PRESSABLE')) {
+    define('WF_IS_PRESSABLE', (defined('IS_ATOMIC') && IS_ATOMIC) || (defined('IS_PRESSABLE') && IS_PRESSABLE));
 }