2.8.5 Injection Exploit
|Reported by:||bradyk||Owned by:||ryan|
|Severity:||blocker||Keywords:||dev-feedback 2nd-opinion exploit, injection, hack, malware, porn|
2.8.5 has a security hole that somehow allows files to be uploaded, code to be changed/removed, and generally hijack the site for malware and porn purposes - full details: http://www.kyle-brady.com/2009/11/07/wordpress-mediatemple-and-an-injection-attack/
I contacted security@…, but have heard nothing and I want to make sure this get handled ASAP.