Jump to content

Archived

This topic is now archived and is closed to further replies.

faustus501

Security Advisory – Vulnerabilities in Pagelines/Platform theme for WordPress

By faustus501, in DMS & Legacy Products

Recommended Posts

faustus501    0

faustus501
Posted

Hi Pagelines,

 

I have received an email from a clients host saying that their site has been compromised and that the attacker may have exploited a vulnerability in the Platformpro theme;

 

How has this happened?

 

Upon inspecting the access logs, it seems that the attacker may have exploited a vulnerability in the Platformpro theme in your Wordpress site. Please see the below access log snippet for proof:

#########

87.255.57.161 - - [24/Jan/2015:12:39:29 +1100] "POST /wp-content/themes/platformpro/sections/sidebars/section.sb_universal.php HTTP/1.1" 200 196 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"

#########

 

They also give a reference;

 

Reference: https://thetechplex.com/security-issues/security-advisory-vulnerabilities-in-pagelinesplatform-theme-for-wordpress/

 

Their recommendation is to update the theme but as far as I can tell the theme is up to date.

 

The site in question is http://circusfactory.com.au/

 

Are you aware of this issue? If so is there a patch or update available to resolve this?

 

Many Thanks

 

Justin

Share this post

Link to post
Share on other sites

Danny+    1,327

Danny
Posted

Hi,

 

See our developers reply here and also, please refrain from creating multiple topics regarding the same issue.

Please search our forums, before posting!

Share this post

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Go To Topic Listing DMS & Legacy Products

  • Similar Content

    • faustus501
      Security Advisory – Vulnerabilities in Pagelines/Platform theme for WordPress
      By faustus501
      Hi Pagelines,
       
      I have received an email from a clients host saying their site has been compromised and that attacker may have exploited a vulnerability in the Platformpro theme;
       
      How has this happened?
       
      Upon inspecting the access logs, it seems that the attacker may have exploited a vulnerability in the Platformpro theme in your Wordpress site. Please see the below access log snippet for proof:
      #########
      87.255.57.161 - - [24/Jan/2015:12:39:29 +1100] "POST /wp-content/themes/platformpro/sections/sidebars/section.sb_universal.php HTTP/1.1" 200 196 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0"
      #########
       
      They also give a reference;
       
      Reference: https://thetechplex.com/security-issues/security-advisory-vulnerabilities-in-pagelinesplatform-theme-for-wordpress/
       
      Their recommendation is to update the theme though as far as I can tell the theme is up to date.
       
      The site in question is http://circusfactory.com.au/
       
      Are you aware of this issue? If so is there an update or patch that can resolve this?
       
      Many thanks
       
      Justin
×