WordPress Plugin DM Albums 1.9.2 vulnerabilities
DM Albums™ is an inline photo album/gallery plugin that displays high quality images and thumbnails perfectly sized to your blog.
Two vulnerabilities have been made public:
1. Stack released a “remote file disclosure vulnerability” (Low-Medium Risk Level)
2. Septemb0x released a “remote file include vulnerability” (Critical Risk Level)
An attacker could use these vulnerabilities to potentially gain full access to the affected WordPress blog.
The plugin is currently in version 1.9.2. Therefore, BlogSec are unaware if a fix is available. It is recommended that you disable the plugin until a patch or upgrade is available.
Random Posts
If you enjoyed this post, please leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Thank you for posting this. This security hole has been patched in version 1.9.3. Please update your systems to this version.