In our previous post about an old arbitrary file upload vulnerability in Magic Fields, we mentioned from reviewing that, that we then noticed that another vulnerability existed.
One of the things that we do to keep track of the plugin vulnerabilities out there is to monitor hacking attempts on our websites. That sometimes leads us to finding what looks to be exploitation of vulnerabilities that a hacker has just discovered. In other cases it shows really old vulnerabilities that hackers are still trying to exploit. We have recently had some requests for a file from the plugin Magic Fields: