WordPress Themes Vulnerability:US-CERT Current Activity(情報元のブックマーク数)
WordPressのテーマに脆弱性、、、、この前なんか出てたなぁ・・・phpでリンクを作りまくるとか・・・
WordPress Themes Vulnerability
added August 3, 2011 at 10:05 am
TimThumb, a PHP script that is reused in many popular themes for the WordPress blog software, contains a vulnerability that allows a remote attacker to upload arbitrary PHP code to an affected site.US-CERT encourages users and administrators to:
determine if any hosted blogs use TimThumb by searching for timthumb.php or thumb.php
http://www.us-cert.gov/current/index.htmlwordpress_themes_vulnerability
review the blog entry on the issue and apply any necessary updates or workarounds to help mitigate the risks