Hello everyone,
Can someone tell me the best way to report a catastrophic plugin hack with posting the details of the exploit for all the web to see?
It's a plugin that is in the WP Plugin Repository, and with a malformed URL I can initiate a procedure (within the plugin) that deletes ALL of the images in the WordPress database. Unfortunately, I speak from experience as this happened to us.
Thankfully it's not a very popular plugin, but it has been downloaded several thousand times so I'd like to warn people who may be using it...without posting details of the exploit.
Thanks,
Walt