Title: Exploit to upload arbitrary php file Last modified: September 3, 2016 --- # Exploit to upload arbitrary php file * [rubensedanoc](https://wordpress.org/support/users/rubensedanoc/) * (@rubensedanoc) * [11 years, 5 months ago](https://wordpress.org/support/topic/exploit-to-upload-arbitrary-php-file/) * I am currently being hacked by a arbitrary file uploaded to my server. Can you fix the problem, the exploit is public in internet, please update your plugin. Best regards. Viewing 2 replies - 1 through 2 (of 2 total) * Plugin Contributor [photocrati](https://wordpress.org/support/users/photocrati/) * (@photocrati) * [11 years, 5 months ago](https://wordpress.org/support/topic/exploit-to-upload-arbitrary-php-file/#post-7911180) * [@rubensedanoc](https://wordpress.org/support/users/rubensedanoc/) – Reporting this as a review item is not really the best approach. * Please send us a Bug Report ([http://www.nextgen-gallery.com/report-bug/](http://www.nextgen-gallery.com/report-bug/)) so we can look at this as soon as possible. Also please include in the Bug Report how you are able to definitely know that this is directly related to NextGEN Gallery. * Thanks! * – Cais * [edanzer](https://wordpress.org/support/users/edanzer/) * (@edanzer) * [11 years, 2 months ago](https://wordpress.org/support/topic/exploit-to-upload-arbitrary-php-file/#post-7911202) * [@rubensedanoc](https://wordpress.org/support/users/rubensedanoc/) – Just wanted to follow up on this. First, thanks for reaching out to us when you did about a possible security vulnerability. We always take that stuff seriously, and we appreciate the notice. * I was reviewing your correspondence with our team. I think we’ve confirmed that this was resolved. As a extra note for you and others, the vulnerability report that you sent actually notes this issue was only present in 2.0.63 and less and was confirmed patched in 2.0.65 (May 2014). * If you still see an issue, can you please follow up on our email thread. But assuming this issue is resolved, we’re wondering if you might consider bumping your one-star rating? * Thanks again. (Erick) Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Exploit to upload arbitrary php file’ is closed to new replies. * ![](https://ps.w.org/nextgen-gallery/assets/icon-256x256.png?rev=2083961) * [Photo Gallery, Sliders, Proofing and Themes - NextGEN Gallery](https://wordpress.org/plugins/nextgen-gallery/) * [Frequently Asked Questions](https://wordpress.org/plugins/nextgen-gallery/#faq) * [Support Threads](https://wordpress.org/support/plugin/nextgen-gallery/) * [Active Topics](https://wordpress.org/support/plugin/nextgen-gallery/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/nextgen-gallery/unresolved/) * [Reviews](https://wordpress.org/support/plugin/nextgen-gallery/reviews/) * 2 replies * 3 participants * Last reply from: [edanzer](https://wordpress.org/support/users/edanzer/) * Last activity: [11 years, 2 months ago](https://wordpress.org/support/topic/exploit-to-upload-arbitrary-php-file/#post-7911202)