WPtouch Security Vulnerability Fixed on SiteGround Servers

WPtouch vulnerability fixed

A serious vulnerability in one of the most popular WordPress plugins - WPtouch was announced yesterday. The exploit allows registered users to upload malicious PHP files to your website and use them to gain further access to it.

The plugin that creates a mobile-friendly version of your website is widely used so our security team immediately took action to prevent our users from getting hacked through this exploit. We've acted in a manner that has been proven successful in the recent JetPack and TimThumb vulnerabilities - we used our application layer firewall to filter out all requests to our servers that try to utilize the exploit.

Although, our customers are shielded against this vulnerability at a server level, we strongly recommend that you update your WPtouch plugin to its latest version where the security issue is properly fixed by the plugin developers.

WordPress Initiatives Manager

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

Reply

* (Required)