Home Forums WordPress Plugins Hide My WP Affected tags: xss csrf id rfe lfi

This topic is: not resolved
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • April 21, 2019 at 2:04 am #26191
    pablorseo

    I’m getting more than 10 mails from the plugin informing me of this.
    What do I do?

    IP: 151.80.80.38
    User ID:
    Date: 2019-04-20T20:55:58+00:00
    Total Impact: 34
    Affected tags: xss csrf id rfe lfi

    Affected parameters: REQUEST.<?xml_version=%26quot%3B1.0%26quot%3B%3F%26gt%3B%26lt%3BmethodCall%26gt%3B%26lt%3BmethodName%26gt%3Bsystem.multicall%26lt%3B%2FmethodName%26gt%3B%26lt%3Bparams%26gt%3B%26lt%3Bparam%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstruct%26gt%3B%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3BmethodName%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Bwp.getUsersBlogs%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3Bparams%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Badmin%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Badmin1%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%26lt%3B%2Fstruct%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fparam%26gt%3B%26lt%3B%2Fparams%26gt%3B%26lt%3B%2FmethodCall%26gt%3B, POST.<?xml_version=%26quot%3B1.0%26quot%3B%3F%26gt%3B%26lt%3BmethodCall%26gt%3B%26lt%3BmethodName%26gt%3Bsystem.multicall%26lt%3B%2FmethodName%26gt%3B%26lt%3Bparams%26gt%3B%26lt%3Bparam%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstruct%26gt%3B%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3BmethodName%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Bwp.getUsersBlogs%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%26lt%3Bmember%26gt%3B%26lt%3Bname%26gt%3Bparams%26lt%3B%2Fname%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Barray%26gt%3B%26lt%3Bdata%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Badmin%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3Bvalue%26gt%3B%26lt%3Bstring%26gt%3Badmin1%26lt%3B%2Fstring%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fmember%26gt%3B%26lt%3B%2Fstruct%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fdata%26gt%3B%26lt%3B%2Farray%26gt%3B%26lt%3B%2Fvalue%26gt%3B%26lt%3B%2Fparam%26gt%3B%26lt%3B%2Fparams%26gt%3B%26lt%3B%2FmethodCall%26gt%3B,

    Request URI: /xmlrpc.php
    Origin: 108.163.170.238

    April 21, 2019 at 4:17 pm #26194
    Suman M.
    Post count: 12480

    Hi, HMWP IDS detects malicious requests coming to your site and notify you about it. But all these requests might not be harmful and you need not worry as HMWP IDS will take care of this and will block the malicious requests if Impact level is more than 20 (default value specified in HMWP IDS). You can stop receiving emails regarding this by setting “Notification Threshold” option to 0 in IDS Firewall tab.

    Note: If in case, valid request is also listed as intrusion then hover over that request name and click on Exclude link to add it to exception list.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.