by Michael Mimoso
Content management system providers Joomla and WordPress have patched a critical vulnerability in the HD FLV Player, but custom websites running the Flash video player are still vulnerable.
Researchers at Sucuri disclosed this week that a separate security issue can be abused to send spam and has yet to be patched.
“Websites using one of the aforementioned CMS applications and running an outdated version are vulnerable to an Arbitrary File Download vulnerability which could be used, depending on the platform, to take control of the targeted website,” said researcher Marc Alexandre Montpas. “It is important to note that websites using the custom version of this plugin are still vulnerable.”
full article
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.