[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] Slider Revolution/Showbiz Pro shell upload exploit

To: fulldisclosure@xxxxxxxxxxxx
Subject: Re: [FD] Slider Revolution/Showbiz Pro shell upload exploit
From: Lukasz Biegaj <l.biegaj@xxxxxxxxxxx>
Date: Thu, 27 Nov 2014 10:00:03 +0100

W dniu 25.11.2014 o 17:37, Simo Ben youssef pisze:

# decided to patch without releasing a full security advisory, leaving 
thousands of revslider users who didn't update their plugin to the
# latest version (=> 3.0.96) vulnerable to this nasty flaw,

Keep in mind, that version 3.0.96 was released about a year ago, so ifyour wordpress is not that old, then you're unaffected.


--
Łukasz Biegaj
NetShock.pl sp.j. - Rozwiązania internetowe


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

References:
- [FD] Slider Revolution/Showbiz Pro shell upload exploit
  - From: Simo Ben youssef

Prev by Date: [FD] XSS (in 20 chars) in Microsoft IIS 7.5 error message
Next by Date: [FD] [Tool] Responder v2.1.3
Previous by thread: Re: [FD] Slider Revolution/Showbiz Pro shell upload exploit
Next by thread: [FD] Defense in depth -- the Microsoft way (part 21): errors/inconsistencies in Windows registry data may lead to buffer overflows or use of random data
Index(es):
- Date
- Thread