Title: Upload Exploit
Last modified: August 22, 2016

---

# Upload Exploit

 *  Resolved [m1da](https://wordpress.org/support/users/m1da/)
 * (@m1da)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/upload-exploit/)
 * Hello, my site has been today hacked and compromised!
 * Problem is in **/wp-content/plugins/wp-symposium/server/php/index.php** -> **/
   wp-content/plugins/wp-symposium/server/php/UploadHandler.php**
 * **class UploadHandler** is not protected and **/wp-content/plugins/wp-symposium/
   server/php/UploadHandler.php** allow any extension!
 * On my website has been uploaded encoded .php files for sending spam and many 
   more 🙁
 * [https://wordpress.org/plugins/wp-symposium/](https://wordpress.org/plugins/wp-symposium/)

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Author [Simon Goodchild](https://wordpress.org/support/users/simongoodchild/)
 * (@simongoodchild)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/upload-exploit/#post-5607758)
 * Hi m1da, sorry to hear about your problems, this is always a priority to fix,
   could I ask you to log you problem on [http://www.wpsymposium.com](http://www.wpsymposium.com),
   as we handle all support through there?
 * First please make sure you have updated to the latest version of the plugin as
   this was previously identified.
 * Secondly, ensure that in /wp-content/plugins/wp-symposium/server/php you only
   have two files:
 * index.php and UploadHandler.php
 * remove all other files.
 * and then let’s continue at [http://www.wpsymposium.com](http://www.wpsymposium.com)
   to make sure everything is ok with your installation.
 *  Plugin Author [Robert Dempsey](https://wordpress.org/support/users/robertd62/)
 * (@robertd62)
 * [10 years, 9 months ago](https://wordpress.org/support/topic/upload-exploit/#post-5608082)
 * This has been fixed and is not a issue in latest release

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Upload Exploit’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/wp-symposium_246fc2.svg)
 * [Author: WP Symposium](https://wordpress.org/plugins/wp-symposium/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-symposium/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-symposium/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-symposium/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-symposium/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-symposium/reviews/)

 * 2 replies
 * 3 participants
 * Last reply from: [Robert Dempsey](https://wordpress.org/support/users/robertd62/)
 * Last activity: [10 years, 9 months ago](https://wordpress.org/support/topic/upload-exploit/#post-5608082)
 * Status: resolved