ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WPtouch Plugin <= 3.x - Insecure Nonce Generation

Product
WPtouch
Description
Because of this vulnerability, a logged­-in attacker can potentially take over the website by uploading a backdoor and then do anything he wants.
Solution
Update the plugin.
Classification
Type Unknown
References
Blog Sucuri
CVE
Name CVE-N/A
Versions
Affected In <= 3.x
Fixed In 3.4.3
Disclosure date
2014-08-01