The author has provided a fix and we quickly rolled out a patch to address this. It is basically there to support legacy ads 2. If You have not downloaded the security patch yet, we strongly suggest doing so now. Aug 29, at 8: It can be downloaded from your customer dashboard. We introduced TimThumb in ClassiPress 3. Make sure not to delete your active version. 
| Uploader: | Zulkilkis |
| Date Added: | 25 October 2004 |
| File Size: | 55.34 Mb |
| Operating Systems: | Windows NT/2000/XP/2003/2003/7/8/10 MacOS 10/X |
| Downloads: | 93191 |
| Price: | Free* [*Free Regsitration Required] |
You likely have legacy ads which require TimThumb to work correctly. I currently have 3.
The release notes go into detail as to what is included in the update. People who liked this. My classipress is 3.
We introduced TimThumb in ClassiPress 3. You can read the release notes classiptess see which files have changed. Aug 17, at It is basically there to support legacy ads 2.
ClassiPress = TimThumb Security Patch | AppThemes
They are susceptible to being exploited even though they may not be your active theme. By David Aug 17th, Aug 29, at 8: Aug 29, at 4: At the same time, we did security review so we could tighten up any other possible issues with the same security patch.
Many of you have likely heard about the recent TimThumb security vulnerability and we wanted to address the issue as well. You should only have the latest version on your site. classpiress
You can either apply the patch or install the full classipreds again. Delete any old versions of ClassiPress you may have sitting on your web server. Aug 17, at 7: We try to do all we can to keep our themes as secure as possible. The easiest way is to just upgrade to 3.
WordPress Classipress Theme Cross Site Scripting Exploits - Exploitalert
Aug 17, at 8: Aug 18, at 3: Customers who purchased 2. Do I need some setting to enable caching? What else was done? Aug 19, at Aug 20, at Aug 27, at 1: The author has provided a fix and we quickly rolled out a patch to address this.
Do you want to use VulDB in your project?
If You have not downloaded the security patch yet, we strongly suggest doing so now. Aug 22, at Recently a vulnerability was discovered within the script that allows hackers to upload and execute arbitrary PHP code within your TimThumb cache directory.
Any customer using ClassiPress version 3. It can be downloaded from your customer dashboard. Do I need to update again? Timthumb is a popular classipress resizing script that is used in many WordPress themes including ClassiPress.
Комментариев нет:
Отправить комментарий