Urgently closed vulnerability in link-logPosted on 2015-12-15

Just about two hours after releasing link-log Version 2.0 I was informed by the WordPress Plugin Review Team that the plugin was temporarily withdrawn from the WordPress plugin repository due to an exploit. Seems like I’m too trustful to not think of all the bad things evil-minded people may think of…

It was late already, so I analyzed the problem the next day. Of course the objection was reasonable. Actually there was a flaw that could be used by an attacker to implant malicious code! Probably not a great danger – but naturally an potentially dangerous issue.

After doing some research it was not a big deal to close this security vulnerability in version 2.1. After a review by the Plugin Team the link-log plugin now is re-listed in the repository since a few hours after it was gone for about 4 days.

Upgrade immediately to secure your WordPress installation.

View related Plugin

Short URL to this page: http://p12.click/433PJ