Uploadify Security Vulnerability

It’s like the TimThumb thing all over again! 🙂

I just had a client call me today with a malware hack that was probbly due to this uploadify thing. It’s a pain to fix so don’t let it happen to you! Take a look at this list and see if you’re using an affected plugin. Just like the timthumb vulnerability, though, there are also good practices to put in place to protect yourself even if you have a vulnerable edition of some plugin and there isn’t an immediate fix. Edit that .htaccess file (check out Making Uploadify Secure) and sleep better at night.

(Fun Fact: I host on WPEngine and I couldn’t even permalink this post uploadify-security-vulnerability. I’m not sure what they are doing but I always enjoy a hosting company who’s being proactive about this sort of thing)