CRITICAL: EXPLOIT: see link in thread | ww.wp.xz.cn

Resolved ieh
(@ieh)

10 years, 5 months ago

One of my sites got hacked through this plugin:

http://forum.3xp1r3.com/thread-14178.html

Was able to narrow it down after finding the ticket they created (clearly a spurious ticket, had like “asdfasdf”) – had the malicious attachment.

People can upload any file, regardless of restrictions.

https://ww.wp.xz.cn/plugins/js-support-ticket/

Viewing 1 replies (of 1 total)

Plugin Author JoomSky
(@rabilal)

10 years, 5 months ago

Hi,

We fix it, please update to latest version.

Regards,
Ahmad Bilal

Viewing 1 replies (of 1 total)

The topic ‘CRITICAL: EXPLOIT: see link in thread’ is closed to new replies.

1 reply
2 participants
Last reply from: JoomSky
Last activity: 10 years, 5 months ago
Status: resolved