Live exploit in plugin JS Support Ticket and I can't notify them
-
I’ve tried to post this on the plugin page, but can’t. There’s a live exploit where anyone can upload any file and access it via browser. One of my sites was exploited/hacked this way.
Here’s a link with info:
http://forum.3xp1r3.com/thread-14178.html
Please notify the plugin devs and/or pull the plugin or whatever your procedures are.
Thank you very kindly, and happy holidays!
-
Hi,
This is not the correct forum for WordPress.org plugins. Please post this on https://wordpress.org/support/plugin/js-support-ticket so their devs can take a look. You will need to create a WordPress.org account if you don’t have one already. Thanks.
-
As I said in my post, I tried to post there, and can’t.
So if you close this without further action, anyone else using the plugin is also screwed.
What can we do?
-
-
That worked. As long as they can see this thread, it’ll work: https://wordpress.org/support/topic/warning-live-exploit?replies=1#post-7825174
-
-
-
- The topic ‘Live exploit in plugin JS Support Ticket and I can't notify them’ is closed to new replies.
WordPress.com Forums 