One of those popular vulnerable plugins is the Easy Comment Upload plugin. Version 0.61 and prior versions are affected by an arbitrary file upload vulnerability. The plugin fails to check the type of the uploaded file, so it can be exploited by uploading a .phtml file.
There are thousands of WordPress blogs still vulnerable to this attack. The vulnerability can be fixed by updating the WordPress Easy Comments plugin to version 0.71.
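A defender-side check for the issue described above, as an added example that is not part of the original post or the plugin's code: it walks an upload directory and lists files whose names carry an extension the web server may execute as PHP, such as the .phtml files mentioned. The extension list, function names and sample tree are assumptions constructed for illustration.

```python
import os
import sys
import tempfile

# Extensions commonly mapped to the PHP handler (assumed list; adjust per server).
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "pht", "phtml", "phar"}


def risky_extension(filename):
    """Return the first server-executable extension in the name, or None."""
    # Check every dot-separated part: a name like "photo.phtml.jpg" can still
    # be handled as PHP when the server acts on inner extensions.
    for ext in filename.lower().split(".")[1:]:
        if ext in EXECUTABLE_EXTS:
            return ext
    return None


def scan_uploads(root):
    """Walk root and return sorted (relative_path, extension) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            ext = risky_extension(name)
            if ext:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel.replace(os.sep, "/"), ext))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data: an upload tree with two suspicious files."""
    os.makedirs(os.path.join(root, "2013", "05"))
    for rel in ("2013/05/holiday.jpg", "2013/05/notes.txt",
                "2013/05/avatar.phtml", "report.PhP.png"):
        with open(os.path.join(root, *rel.split("/")), "w") as fh:
            fh.write("constructed sample\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        # Pass a real upload directory as argv[1]; otherwise scan the sample.
        target = sys.argv[1] if len(sys.argv) > 1 else tmp
        if target == tmp:
            build_sample_tree(tmp)
        for path, ext in scan_uploads(target):
            print(f"{path}\t.{ext}")
```

Any hit in a directory that should hold only images or documents is worth reviewing by hand, since updating the plugin does not remove files uploaded before the update.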
If you want to know more about protecting your WordPress blog from hackers, you can refer to the following posts. If you still think your blog is vulnerable, drop me an email and I will perform a security assessment on your blog.
At RHA Infosec we provide different types of security testing, from small business sites to corporate sites. Click here to know more about our complete list of services.