Authenticated Arbitrary File Upload Vulnerability

Dieser Thread wurde gelöst. Hier ist eine Beschreibung des Problems und der Lösung.

Problem:

There was a Vulnerability report.

Solution:

Update Toolset plugins to the latest version.

This support ticket is created vor 2 Jahre, 4 Monaten. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Dieses Thema enthält 5 Antworten, hat 2 Stimmen.

Zuletzt aktualisiert von dbarber vor 2 Jahre, 4 Monaten.

Assistiert von: Christopher Amirian.

Author

Artikel

März 4, 2023 at 1:54 am #2565589

dbarber

I received a notification about a site with Toolset plugins that Types 3.4.17 has a vulnerability.

More info: versteckter Link

Please advise.

Thanks

März 5, 2023 at 2:54 pm #2566283

Christopher Amirian

Unterstützer

Sprachen: Englisch (English )

Hi there,

Thank you, we will double check this, meanwhile is there any detailed information on which file has the issue mentioned?

Maybe you can give more info?

März 5, 2023 at 4:53 pm #2566347

dbarber

The original report came from iThemes Security Pro, which you can find here:

versteckter Link

I've got the raw details from the report. I don't think they'd be helpful, but let me know if you want them.

März 6, 2023 at 8:14 am #2566691

Christopher Amirian

Unterstützer

Sprachen: Englisch (English )

Hi there,

Thank you very much. I reported this to the second-tier support and will get back to you as soon as I have an update.

Thanks.

März 6, 2023 at 12:15 pm #2566819

Christopher Amirian

Unterstützer

Sprachen: Englisch (English )

Hi there,

We have a new release with the fix implemented.

Please either go to https://toolset.com/account/downloads/ to download Toolset types version 3.4.18.
Or go to WordPress Dashboard > Plugins > Add New and click the "Check for Updates" button to see the new version to install.

Thank you.

März 9, 2023 at 12:56 am #2568883

dbarber

Thank you.