WordPress Plugins and Themes vulnerability: March Edition
This is the Motherload
From the post
The plugins and themes use an insecure version of the Freemius Framework, which is lacking CSRF and/or authorisation in some of its AJAX actions. As a result, any authenticated users, such as subscriber could access the debug logs. Unauthenticated attackers could also make a logged in admin toggle the debug mode via a CSRF attack.
VPS reviews | | MicroLXC | English is my nth language.
Well, doesn't that sound reassuring cough
Ympker's Shared/Reseller Hosting Comparison Chart, Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.