15 Jul

2014

WPtouch Security Vulnerability Fixed on SiteGround Servers

WPtouch vulnerability fixed

A serious vulnerability in one of the most popular WordPress plugins – WPtouch was announced yesterday. The exploit allows registered users to upload malicious PHP files to your website and use them to gain further access to it.

The plugin that creates a mobile-friendly version of your website is widely used so our security team immediately took action to prevent our users from getting hacked through this exploit. We’ve acted in a manner that has been proven successful in the recent JetPack and TimThumb vulnerabilities – we used our application layer firewall to filter out all requests to our servers that try to utilize the exploit.

Although, our customers are shielded against this vulnerability at a server level, we strongly recommend that you update your WPtouch plugin to its latest version where the security issue is properly fixed by the plugin developers.

Author: Hristo Pandjarov

Product Development - Technical

Enthusiastic about all Open Source applications you can think of, but mostly about Joomla and WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!