If you have a WordPress blog or website that has the WP Super Cache or W3 Total Cache plugins installed, this will affect you.
Please make sure that your plugins have the following minimum version:-
- WP Super Cache: 1.3
- W3 Total Cache: 0.9.2.9
You can find the plugin's version by going to your WordPress Admin --> Plugins --> Installed Plugins.
If your plugin is older than the above version, please get them updated immediately.
Older version of the plugins have a very serious vulnerability - remote code execution (RCE).
RCE allows an attacker to execute PHP commands for your hosting accounts and the attacker can even access your account while bypassing all your authentication controls. They can do this by just posting comments in your website.
It is important for you to make sure all plugins are constantly updated to the latest version. We recommend that you check for updates at least on a weekly basis.
Thursday, April 25, 2013