8 Jun 2016

Old Vulnerability Report: Arbitrary File Upload in Royal Gallery

Yesterday we released posts for vulnerabilities in 16 plugins, which all shared the same code that allowed anyone access to functions only intended to be accessible to Administrator-level users. For two of those plugins, though, the most serious vulnerability permitted by this did not exist. That vulnerability was the ability to upload arbitrary files, which could allow a hacker to upload a .php file and then use that to perform any action they want on the website.

Looking back through the old versions, we can see that for one of those plugins, Royal Gallery, that vulnerability had actually existed in version 2.0 and then was fixed in 2.1. In a reminder that you really need to keep all of your plugins up to date all the time, instead of trying to update them upon becoming aware of a security issue (which far too often WordPress security companies tacitly promote by telling people they should update some specific plugin right away), the changelog entry for that version reads only: [Read more]

7 Jun 2016

Persistent Cross-Site Scripting (XSS) Vulnerability in Royal Gallery

The Royal Gallery plugin has a persistent cross-site scripting (XSS) vulnerability (and possibly other security issues) as of version 2.3. The details of the underlying issue that causes this can be found in our post for the same vulnerability in the plugin Flip Slideshow, which shares the same vulnerable code.

Proof of Concept

The following proof of concept will cause an alert box with any accessible cookies to be shown on the page /wp-admin/admin.php?page=splendidgallery_settings. [Read more]