Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Merry Christmas, now go patch your Wordpress installation
(
seclists.org
)
1 point
by
zx2c4
on Dec 24, 2012
|
hide
|
past
|
favorite
|
2 comments
zx2c4
on Dec 24, 2012
|
next
[–]
Exploit:
http://git.zx2c4.com/w3-total-fail/tree/w3-total-fail.sh
Screencast:
http://git.zx2c4.com/w3-total-fail/plain/screencast.ogv
groobque
on Dec 24, 2012
|
prev
[–]
I can confirm the issue. My install was vulnerable. If you don't want to disable W3, then just add
deny from all
In wp-content/w3tc/dbcache/.htaccess.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Screencast: http://git.zx2c4.com/w3-total-fail/plain/screencast.ogv