Blog

Sitesassure Security Blog

This is some blog description about this site

Security Advisory – High Severity – WordPress Download Manager

wordpress iconAdvisory for: WordPress Download Manager

Security Risk: Very High

Exploitation level: Easy/Remote

DREAD Score: 9/10

Vulnerability: Code Execution / Remote File Inclusion

Patched Version: <2.7.5\\http://www.sitesassure.com/images/wordpressIcon2.png

 

If you’re using the popular WP Download Manager plugin (around 850,000 downloads), you should update right away. During a routine audit for our Website Firewall (WAF), we found a dangerous remote code execution (RCE) and remote file inclusion (RFI) vulnerability. A malicious user can exploit this vulnerability to take control of your website by uploading backdoors and modifying user passwords.The vulnerability was discovered and disclosed last week and immediately patched by the WP Download Manager. They have released a patch in version 2.7.5 to fix this issue.

http://blog.sucuri.net/2014/12/security-advisory-high-severity-wordpress-download-manager.html

Sitesassure - MORE THE REASON

 

Share this article:

Joomla 2.5 will be End-Of-Life end of 2014 MAJOR S...
Mysterious Russian Malware Is Infecting 100,000+ W...

Contact Us

Contact Us
First Name (*)
Please let us know your name.
Your Email (*)
Please let us know your email address.
Company (*)
Please let us know your Company
Last Name (*)
Please let us know your last name.
Phone (*)
Please let us know your Phone
Subject (*)
Please write a subject for your message.
Message (*)
Please let us know your message.
Captcha (*)

Invalid Input

SitesAssure.com

185 E Elm St #812
Torrington, Connecticut 06790
Call: 1-(860) 294-2444
Monday - Friday, 8am - 8pm


Interwebshop Internet Services, LLC BBB Business Review