Vær opmærksom hvis i bruger noget af nedenstående:
Cubed Themes version 1.0 to 1.2. Remote file upload vulnerability. Distributed by themeprofessor.com. Exploit released on 9 November 2013.
Army Knife Theme, unspecified version. CSRF File Upload vulnerability. Theme is distributed by freelancewp.com. Exploit released 9 November 2013.
Charcoal Theme. CSRF File upload vulnerability. Distributed by the official WordPress repository. The theme hasn't been updated for several years, so we recommend deleting all files from your system.
WP Realty Plugin may contain an email sender vulnerability. Please contact vendor for clarification. We're seeing exploits that claim to exploit this hole. Plugin is distributed by wprealty.org.
The following themes distributed by orange-themes.com appear to contain a remote file upload vulnerability and we're seeing exploits appear in the wild, all published around November 12, 2013: Rockstar Theme, Reganto Theme, Ray of Light Theme, Radial Theme, Oxygen Theme, Bulteno Theme, Bordeaux Theme. Please contact the vendor to find out of your theme is applicable and what action to take.
Amplus Theme version 3.x.x contains a CSRF file upload vulnerability. We're unclear who the vendor is, but it appears to be Themeforest.
Make a Statement Theme version 1.x.x (also known as MaS ) contains a CSRF file upload vulnerability. Exploit distributed November 17, 2013. Vendor is themes.mas.gambit.ph.
Dimension Theme, unspecified version, contains a CSRF file upload vulnerability. Theme is distributed by ThemeForest. Exploit appeared November 17th, 2013.
Euclid Version 1 Theme contains a CSRF File Upload Vulnerability. Exploit appeared today. Theme is distributed by FreelanceWP.com.
Project 10 Theme, Version 1.0. Remote file upload vulnerability. Distributed by ThemeForest. Exploit appeared today.