Update the WPTouch Plugin Immediately to Avoid Security Vulnerability

The online website scanning firm Sucuri has recently discovered a very dangerous vulnerability in the WPTouch Plugin for WordPress. This vulnerability allows attackers to upload files remotely to WordPress websites running this plugin with versions prior to 3.4.3. WPTouch Plugin has a record of over 5 million downloads. If your WordPress is running this plugin, please make sure to update the plugin immediately.

What Exactly is the Problem?

If your website has enabled the “Guest Registration Allowed” feature, a logged-in attacker can upload a backdoor (remote shell) inside your website’s directories and potentially take over your website. You can read the details about this security bug by visiting the Sucuri blog article.

Once again, update the plugin ASAP. In fact, you should always keep your WordPress version and all plugins up-to-date in order to keep your sites secured.

wptouch_3

Posted in: Plugins, Security

Comments

comments

Popular tags

custom-background custom-header custom-menu featured-images free responsive theme free WordPress plugin free WordPress theme full-width-template light responsive-layout responsive theme right sidebar sticky-post theme-options threaded-comments translation-ready two columns White WordPress plugin WordPress theme