en

‫ WordPress W3 Total Cache Plugin Compromised Source Packages Backdoor Security Issue

IRCAD2011061278
ID:IRCAD2011061278
Release Date: 2011-06-23
Criticality level: Highly critical
Software:
WordPress W3 Total Cache Plugin 0.x
Description:
A security issue has been reported in the W3 Total Cache plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
The security issue is caused due to the distribution of compromised W3 Total Cache plugin source code packages containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code.
The compromised source files were distributed on June 21st, 2011 and possibly prior.
Solution:
Manually install version 0.9.2.3 downloaded after June 21st, 2011
References:
Secunia:

The Wall

No comments
You need to sign in to comment