Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Yet another WordPress vuln: Image furtler plugin lets BADNESS in

Yet another WordPress vuln: Image furtler plugin lets BADNESS in

2014/06/27

The Register - (International) Security researchers warned users of the TimThumb plugin for Wordpress that a vulnerability exists in the plugin that could allow attackers to inject code or create, remove, and modify files. The vulnerability exists in the plugin's Webshot option, which is turned off by default.

Source: http://www.theregister.co.uk/2014/06/27/wordpress_0day/

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:20:44