I wanted to install wp-cumulus on my Joomla website but the IT guy said that there were security holes in the code that need to be addressed (we had recently gotten hacked, hence the caution) does anyone know of any fixes for this?
[Plugin: WP-Cumulus] wp cumulus security issues (2 posts)
-
davidhmercier
Posted 2 years ago # -
It is true that there was an XSS vulnerability in earlier versions of WP-Cumulus. Those have long been fixed in the WordPress version of the plugin, but for other ports to be safe their authors need to include the lastest version of tagcloud.swf. It's pretty much a drop-in replacement for older versions, si it shouldn't be hard.
I had an email conversation with the Joomlabear people yesterday about the specifics of the vulnerability, so I wouldn't be surpriseed if an updated version of the Joomla port is released soon.
Topic Closed
This topic has been closed to new replies.
