Wptouch Redirection Vulnerability

In theory this: http://www.exploit-db.com/exploits/17423/ could be used to facilitate phishing,

To patch this update to 1.9.28, and apply this patch: https://raw.github.com/Oneiroi/PenTesting/master/patches/wptouch-edb17423.patch

cd /path/to/blog/wp-content/plugins/wptouch/
wget https://raw.github.com/Oneiroi/PenTesting/master/patches/wptouch-edb17423.patch
patch < wptouch-edb17423.patch

update This: http://wordpress.org/news/2011/06/passwords-reset/ causes a 1.9.29 version to be rolled out.

1.9.29 is still vulnerable to this, the patch instructions above still work for 1.9.29

Comments