WordPress wptouch plugin SQL Injection Vulnerability | WordPress.org

channelcast
(@channelcast)

11 years ago

Hi,

my word press installation was infected by malware twice the last seven days. The guys from sucurinet.net send me an e-mail after cleaning and informed me that the wp touch plugin could be vulnerable.

See http://www.exploit-db.com/exploits/18039/

I am wondering if this exploid still exists or has already been fixed.

Best regards

Christian

http://wordpress.org/extend/plugins/wptouch/

Viewing 2 replies - 1 through 2 (of 2 total)

Krishna
(@1nexus)

11 years ago

If you can post your site URL, we can have a look and tell you.

BraveNewCode Inc.
(@bravenewcode)

11 years ago

Hi Christian,

I am wondering if this exploid still exists or has already been fixed.

That was a bogus security exploit reported as WPtouch does not and has never shipped with a ajax.php, which is where the exploit is being reported. Making the exploit impossible.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘WordPress wptouch plugin SQL Injection Vulnerability’ is closed to new replies.

In: Plugins
2 replies
3 participants
Last reply from: BraveNewCode Inc.
Last activity: 11 years ago
Status: not resolved