Sucuri’s research team has found a very serious vulnerability in the WPTouch Plugin for WordPress. The vulnerability allows an attacker to upload files remotely to websites running an outdated version of the plugin.
A new version of WPTouch, version 3.4.3, has just been made available in order to patch the vulnerability.
Please access your WordPress administration area and update the plugin immediately in order to patch the vulnerability. You can learn more about today’s WPTouch disclosure here.