Summary
The WordPress ToolsPack Plugin on this host contains a Backdoor.
Attackers can exploit this issue to execute arbitrary code within the context of the affected webserver process.
Solution
Remove the plugin and do a full review of the website - check all your files, update WordPress, change passwords, etc.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ArticleFR CMS Multiple Vulnerabilities - Jan15
- AlefMentor Multiple SQL Injection Vulnerabilities
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- AWStats configdir parameter arbitrary cmd exec
- AWStats Totals 'sort' Parameter Remote Command Execution Vulnerabilities