BulletProof Security Plugin for WordPress contains a flaw that allows a cross-site scripting (XSS) attack. This flaw exists because the /admin/htaccess/bpsunlock.php script does not validate input to the ‘dbhost’ POST parameter before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user’s browser session within the trust relationship between their browser and the server.

BulletProof Security Plugin for WordPress contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the /admin/htaccess/bpsunlock.php script not properly sanitizing user-supplied input to the ‘tableprefix’ parameter. This may allow an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

BulletProof Security Plugin for WordPress contains a flaw that allows a remote Server-side Request Forgery (SSRF) attack. The flaw exists because the /admin/htaccess/bpsunlock.php script fails to validate pre-authentication user requests. A specially crafted request will validate and then be processed by the backend webserver, which can allow the attacker to inject PHP objects. The response for the request will be passed back which can then be used to access servers that should not be exposed to the internet.