Posted by MustLive on Jul 05

Hello list!

Let’s back to vulnerabilities, which I disclosed in April 2011, which can be
used for DDoS attacks on other sites, e.g. with my DAVOSET
(http://seclists.org/fulldisclosure/2015/Jun/111). In addition to hundreds
of themes, which I wrote about in previous years, here is another theme for
WordPress, which still didn’t fix all holes and there are many sites with
old version of theme (+ WAF bypass).

I want to warn you…