Warning: This theme is not secure!

Hi,

there is a known security issue with the Epsilon framework. This framework is part of the Sparkling theme. Attackers are actively using this to gain access to websites. Please fix this as soon as possible!

See this blogpost for more details:

Thanks @metasequ0ia for raising this.

It is very important that this is fixed ASAP.

But if it helps anyone, you can block specific URL strings in your htaccess file.
As an example - this is what I have added to (the very top of) htaccess to counteract this specific issue

RewriteEngine On
RewriteCond %{QUERY_STRING} action=register
RewriteRule (.*) / [R=302,L]

To explain, this will redirect any url with the register string, to the URL in line 3 (i.e. /).
You can replace that / with any URL.
e.g. I have a manually-written noaccess.html on my sites, hence my htaccess file reads as follows:

RewriteEngine On
RewriteCond %{QUERY_STRING} action=register
RewriteRule (.*) /noaccess.html [R=302,L]

This of course should only be used where you don’t want user registrations !!!

I hope this helps someone.

But we need the core vulnerability fixed, please, and ASAP.
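To make the behaviour of the posted rewrite rule concrete, here is an added example (not from the thread or the theme) that applies the same unanchored, case-sensitive `action=register` match to the query string of a request URI, exactly as the `RewriteCond %{QUERY_STRING}` line does, and then runs it over a few constructed Apache access-log lines so a site owner can see which past requests the rule would have redirected. The log lines, IP addresses and the `/noaccess.html` target are sample values; the functions `rewrite_decision` and `find_matching_requests` are names chosen for this example.

```python
import re
from typing import List, Dict, Optional
from urllib.parse import urlsplit

# Same pattern as the posted RewriteCond: unanchored and case-sensitive,
# so it matches anywhere in the query string but not "Register".
BLOCK_PATTERN = re.compile(r"action=register")
REDIRECT_TARGET = "/noaccess.html"  # the poster's target; "/" in the first variant


def rewrite_decision(request_uri: str) -> Optional[str]:
    """Return the redirect target if the rule would fire for this request URI, else None."""
    query = urlsplit(request_uri).query
    if BLOCK_PATTERN.search(query):
        return REDIRECT_TARGET
    return None


# Constructed sample lines in Apache combined log format (not from a real server).
SAMPLE_LOG = """\
203.0.113.10 - - [10/May/2021:10:00:01 +0000] "GET /index.php?action=register HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [10/May/2021:10:00:02 +0000] "GET /about/ HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.12 - - [10/May/2021:10:00:03 +0000] "POST /wp-admin/admin-ajax.php?action=register&x=1 HTTP/1.1" 200 64 "-" "python-requests/2.25"
203.0.113.13 - - [10/May/2021:10:00:04 +0000] "GET /?action=Register HTTP/1.1" 200 512 "-" "curl/7.68"
"""

# Minimal parser for the fields we need: client IP, method, request URI, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)


def find_matching_requests(log_text: str) -> List[Dict[str, str]]:
    """Return the logged requests the rewrite rule would have redirected."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        if rewrite_decision(m["uri"]) is not None:
            hits.append({"ip": m["ip"], "method": m["method"], "uri": m["uri"]})
    return hits


if __name__ == "__main__":
    for hit in find_matching_requests(SAMPLE_LOG):
        print(f'{hit["ip"]} {hit["method"]} {hit["uri"]} -> {REDIRECT_TARGET}')
```

Two things the run makes visible: the rule catches the parameter wherever it appears in the query string (the `admin-ajax.php` line is redirected even though other parameters follow), and it is case-sensitive, so the `action=Register` line passes through untouched. Apache's `[NC]` flag on the `RewriteCond` line makes the comparison case-insensitive if that is wanted.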

Hey there

So sorry about that, problem is already reported, we know about it and I hope it will be resolved as soon as possible

Regards

So, when is “as soon as possible”? In this case, every hour counts. We need an update! Bots are actively exploiting this vulnerability.

Is replacing the Epsilon framework in /wp-content/themes/sparkling/inc/libraries/epsilon-framework with a more recent version a solution to the vulnerability?

In the meantime, Sparkling has been added to the list of affected themes here. With the hint that you should uninstall it because there is no patch!

Hi

So sorry about that, I also reported this problem to the management team, unfortunately I can't say when exactly this will be handled but we spend great priority to deal with such problems

Thanks in advance

Hello,
nothing has happened here for over two weeks. It seems to me that safety issues are not taken seriously here. “Great priority” should look different!
No update, no advice to the users, no workaround… That’s sad.
I can’t recommend this theme and all other themes from Colorlib. On the contrary: I will actively use all the channels available to me to point out these problems. Security is the number one issue on the net! Here it is not taken seriously. Goodbye!

Hi @metasequ0ia

So sorry to hear this, I truly understand you, this problem really took a while, I will send a notification to appropriate team members

Regards

Is this still outstanding? I definitely don’t want to develop a site with a theme prone to being hacked.

Yes, unfortunately still no response from the developers. I do not understand this irresponsible behavior. It is necessary to avoid this theme. It is not safe. I have reported the theme to WordPress Themes Team and the people there are also in contact with the developers. However, it’s been over a week now and nothing seems to be happening. Sad…

Any recommendations for themes with a similar design that aren’t actively insecure? Whilst I have no immediate plans to use user accounts, I’d rather have the option to safely do so in the future.

Hello everyone, please someone help me, I just purchased the theme and don’t know how to use it in WordPress.

Sparkling is a free theme and I would advise against using it, as discussed in the thread it’s very easy to hack.

Now I know why so much of my carefully crafted content is missing from my site, a design project that has issued a new piece of artwork and article every month for 11 years. Much of it is now missing. Devastating. I’ll change themes, even though this theme has been perfect until the attack.

This problem was fixed a long time ago. This could not have affected your content even if hackers had attempted to exploit this bug.
Make sure to keep a daily backup of your website. Many hosting services offer that by default or you can use any of the popular WordPress backup plugins and solutions. That way your website will always be safe from attacks or content disappearance.
