I do not have the 1-flash-gallery plugin installed. I haven’t received another notice, so I suspect it was someone checking for vulnerabilities….
I got this warning this morning, emailed to me as “Alert from WordPress Firewall on website.com”:
WordPress Firewall has detected and blocked a potential attack!
Web Page: website.com//wp-content/plugins/1-flash-gallery/upload.php?action=uploadify&fileext=php
Warning: URL may contain dangerous content!
Offending IP: 213.144.230.22 [ Get IP location ]
Offending Parameter: $_FILE = index.bak.php
This may be a “Executable File Upload Attack.”
Click here for more information on this type of attack.
If you suspect this may be a false alarm because of something you recently did, try to confirm by repeating those actions. If so, whitelist it via the “whitelist this variable” link below. This will prevent future false alarms.
Click here to whitelist this variable.
Click here to turn off these emails.
Repeated warnings for similar attacks are currently sent via email, click here to suppress them.
