I have 2 hosting accounts at hostmonster. There are about 30 wordpress installations.
I got an email from hostmonster that I have outdated [login to view URL] files and they need to be updated as a safety precaution.
I need someone to find these files and either update them or delete them (they may be in a site that is dormant or in a theme that is unused).
I am hoping that these files are unused or in a small blog with little traffic, but I have no idea.
Please post a bid and I can give you the job immediately. Thanks.
I received this email from Hostmonster just now:
Dear sir,
This is a courtesy notice that we have found exploitable [login to view URL] file(s) on your account. It is highly recommended that you update these files to the latest available version to prevent possible compromise. This is best done by updating all scripts, plugins, modules and themes on your account to the latest version.
The [login to view URL] file is a script commonly used in WordPress's (and other software's) themes and plugins to resize images. The exploit allows an attacker to arbitrarily upload and create files and/or folders on your account, which can then be used for a number of malicious tasks, including but not limited to defacement, browser high-jacking and infection, data harvesting and more. After a site has been exploited, it may lead to becoming labeled a "Malicious Website" by Google or other security authorities.
Any [login to view URL] file below version 1.35, but above version 1.09 is considered vulnerable, unless patched. To prevent being compromised, we advise you update all instances of [login to view URL] to version 2.0, or patch the existing vulnerable files. Note that patching the files requires more in-depth knowledge of the PHP scripting language.
The updated version of [login to view URL] can be found here:
[login to view URL]
You can find additional information regarding the compromise can be found at the following two website
[login to view URL]
[login to view URL]