WordPress WP Mobile Detector Remote Code Execution Vulnerability
Last Update Date:
6 Jun 2016 09:36
Release Date:
6 Jun 2016
4039
Views
RISK: High Risk
TYPE: Servers - Web Servers
A vulnerability has been identified in WP Mobile Detector, a WordPress plugin. Exploitation of this vulnerability could allow an attacker to take control of an affected website.
Note: This vulnerability is currently being exploited in the wild.
Impact
- Remote Code Execution
System / Technologies affected
- WordPress WP Mobile Detector prior to 3.6
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 3.6.
- Disable the configuration option "allow_url_fopen" if it is not explicitly needed
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with