Support » Plugin: FireStorm Professional Real Estate Plugin » IMPORTANT FOR THE DEVELOPER – SECURITY EXPLOIT

Viewing 1 replies (of 1 total)
  • Plugin Author FireStorm Plugins


    Hello, what version were you running when you were hacked? Have you upgraded to the latest version?

    The link says this exploit is for version 2.06.08 however I don’t see how this is possible. That version includes a check (which is also displayed on that link) that checks to make sure the ID is numeric. If they try to inject any text to exploit/hack your website, it stops the page from loading as a security feature. There is also a secondary check to watch for any SQL injections in the plugin where the user tries to access the wp_users cell.

    In a nutshell, if running version 2.06.08, this hack should not work.

    Hope that helps!


Viewing 1 replies (of 1 total)
  • The topic ‘IMPORTANT FOR THE DEVELOPER – SECURITY EXPLOIT’ is closed to new replies.