Update WP Super Cache and W3TC Immediately

[ksigmtsu]

New exploit discovered in both plugins that allowed remote execution of php commands on your server inside the comments fields and other places.

Either update or remove both those plugins immediately to avoid being vulnerable to the exploit.

http://blog.sucuri.net/2013/04/upda...e-code-execution-vulnerability-disclosed.html

 

[aplusr]

I remember hearing about this exploit earlier this year and updating the W3 Total Cache plugin which is installed on my website as soon as I could.

I know that a lot of business owners still have older versions of WordPress and older versions of plugins installed so I think this information may still be useful.

But I've always thought that W3 Total Cache and similar plugins were for the tech savvy who compulsively update their WordPress site/plugins anyway. I think the business owners most vulnerable are the ones who had the plugin installed by a Web Designer or Developer who built the website and that they now manage but forget to update WordPress and the plugins.