Security issues not addressed!

  • Joy

    (@joyously)


    11 years, 4 months ago

    There is a security hole in this plugin.
    I do not have it installed, but my 404 logs show that hackers are attempting to use it to get my config file.

    Attempts look like:
    /wp-content/plugins/google-mp3-audio-player/direct_download.php&file=../../../wp-config.php

    Please close this security hole!

    https://ww.wp.xz.cn/plugins/google-mp3-audio-player/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor Codeart

    (@codeart)

    11 years, 4 months ago

    Hi Joy, thanks for notifying us on this, what a lousy mistake that is.

    We do not actively work on this plugin anymore but we’ll try to fix this security hole ASAP.

    Thanks again.

    Plugin Contributor Codeart

    (@codeart)

    11 years, 4 months ago

    doublepost

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Security issues not addressed!’ is closed to new replies.