Description

WordPress Plugin WPtouch is prone to a backdoor vulnerability. Attackers can exploit this issue to execute arbitrary commands in the context of the application. Successful attacks will compromise the affected application and possibly the webserver or computer.

Remediation

Install version 1.9.29 or latest

References

http://wordpress.org/news/2011/06/passwords-reset/

http://secunia.com/advisories/45005/

Related Vulnerabilities

Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42130)

WordPress Plugin Use Any Font Unspecified Vulnerability (4.3.6)

WordPress Plugin wp-publications Local File Inclusion (0.0)

WordPress Plugin Gallery Master-Responsive Photo Galleries & Albums Cross-Site Scripting (1.0.22)

WordPress Improper Input Validation Vulnerability (CVE-2009-2431)

Severity

High

Classification

CWE-95 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update