/** * Check if any plugins need an update. * * @return $this */ public function checkPluginUpdates() { $this->plugin_updates = array(); if (!function_exists('wp_update_plugins')) { require_once ABSPATH . WPINC . '/update.php'; } if (!function_exists('plugins_api')) { require_once ABSPATH . '/wp-admin/includes/plugin-install.php'; } wp_update_plugins(); // Check for Plugin updates $update_plugins = get_site_transient('update_plugins'); if ($update_plugins && !empty($update_plugins->response)) { foreach ($update_plugins->response as $plugin => $vals) { if (!function_exists('get_plugin_data')) { require_once ABSPATH . '/wp-admin/includes/plugin.php'; } $pluginFile = wfUtils::getPluginBaseDir() . $plugin; $data = get_plugin_data($pluginFile); $data['pluginFile'] = $pluginFile; $data['newVersion'] = $vals->new_version; $data['slug'] = $vals->slug; $data['wpURL'] = rtrim($vals->url, '/'); //Check the vulnerability database $result = $this->api->call('plugin_vulnerability_check', array(), array('slug' => $vals->slug, 'fromVersion' => $data['Version'], 'toVersion' => $vals->new_version)); $data['vulnerabilityPatched'] = isset($result['vulnerable']) && $result['vulnerable']; $this->plugin_updates[] = $data; } } return $this; }
/** * Check if any plugins need an update. * * @return $this */ public function checkPluginUpdates() { $this->plugin_updates = array(); if (!function_exists('wp_update_plugins')) { require_once ABSPATH . WPINC . '/update.php'; } wp_update_plugins(); // Check for Plugin updates $update_plugins = get_site_transient('update_plugins'); if ($update_plugins && !empty($update_plugins->response)) { foreach ($update_plugins->response as $plugin => $vals) { if (!function_exists('get_plugin_data')) { require_once ABSPATH . '/wp-admin/includes/plugin.php'; } $pluginFile = wfUtils::getPluginBaseDir() . $plugin; $data = get_plugin_data($pluginFile); $data['newVersion'] = $vals->new_version; $this->plugin_updates[] = $data; } } return $this; }
private static function getPotentialTempDirs() { return array(wfUtils::getPluginBaseDir() . 'wordfence/tmp/', sys_get_temp_dir(), ABSPATH . 'wp-content/uploads/'); }
private function scan_oldVersions() { $this->statusIDX['oldVersions'] = wordfence::statusStart("Scanning for old themes, plugins and core files"); if (!function_exists('get_preferred_from_update_core')) { require_once ABSPATH . 'wp-admin/includes/update.php'; } $cur = get_preferred_from_update_core(); $haveIssues = false; if (isset($cur->response) && $cur->response == 'upgrade') { if ($this->addIssue('wfUpgrade', 1, 'wfUpgrade' . $cur->current, 'wfUpgrade' . $cur->current, "Your WordPress version is out of date", "WordPress version " . $cur->current . " is now available. Please upgrade immediately to get the latest security updates from WordPress.", array('currentVersion' => $this->wp_version, 'newVersion' => $cur->current))) { $haveIssues = true; } } $update_plugins = get_site_transient('update_plugins'); if (isset($update_plugins) && !empty($update_plugins->response)) { if (isset($update_plugins) && $update_plugins->response) { foreach ($update_plugins->response as $plugin => $vals) { if (!function_exists('get_plugin_data')) { require_once ABSPATH . '/wp-admin/includes/plugin.php'; } $pluginFile = wfUtils::getPluginBaseDir() . $plugin; $data = get_plugin_data($pluginFile); $data['newVersion'] = $vals->new_version; $key = 'wfPluginUpgrade' . ' ' . $plugin . ' ' . $data['newVersion'] . ' ' . $data['Version']; if ($this->addIssue('wfPluginUpgrade', 1, $key, $key, "The Plugin \"" . $data['Name'] . "\" needs an upgrade.", "You need to upgrade \"" . $data['Name'] . "\" to the newest version to ensure you have any security fixes the developer has released.", $data)) { $haveIssues = true; } } } } $update_themes = get_site_transient('update_themes'); if (isset($update_themes) && !empty($update_themes->response)) { if (!function_exists('get_themes')) { require_once ABSPATH . '/wp-includes/theme.php'; } $themes = get_themes(); foreach ($update_themes->response as $theme => $vals) { foreach ($themes as $name => $themeData) { if (strtolower($name) == $theme) { $tData = array('newVersion' => $vals['new_version'], 'package' => $vals['package'], 'URL' => $vals['url'], 'name' => $themeData['Name'], 'version' => $themeData['Version']); $key = 'wfThemeUpgrade' . ' ' . $theme . ' ' . $tData['version'] . ' ' . $tData['newVersion']; if ($this->addIssue('wfThemeUpgrade', 1, $key, $key, "The Theme \"" . $themeData['Name'] . "\" needs an upgrade.", "You need to upgrade \"" . $themeData['Name'] . "\" to the newest version to ensure you have any security fixes the developer has released.", $tData)) { $haveIssues = true; } } } } } wordfence::statusEnd($this->statusIDX['oldVersions'], $haveIssues); }
private static function getTempDir() { if (!self::$tmpDirCache) { $dirs = array(wfUtils::getPluginBaseDir() . 'wordfence/tmp/', sys_get_temp_dir(), ABSPATH . 'wp-content/uploads/'); $finalDir = 'notmp'; wfUtils::errorsOff(); foreach ($dirs as $dir) { $dir = rtrim($dir, '/') . '/'; $fh = @fopen($dir . 'wftmptest.txt', 'w'); if (!$fh) { continue; } $bytes = @fwrite($fh, 'test'); if ($bytes != 4) { @fclose($fh); continue; } @fclose($fh); if (!@unlink($dir . 'wftmptest.txt')) { continue; } $finalDir = $dir; break; } wfUtils::errorsOn(); self::$tmpDirCache = $finalDir; } if (self::$tmpDirCache == 'notmp') { return false; } else { return self::$tmpDirCache; } }