I just read from the VaultPress blog that they’ve found a vulnerability in this popular script.
This script is used by a lot of themes and it could be dangerous for your site and your server.
Update
First of all update to the last version of the script. Download it here.
Do not allow external
Be sure you have something like this near the first lines of the script:
define ('ALLOW_EXTERNAL', FALSE);
Now change from this:
$allowedSites = array (
'flickr.com',
'picasa.com',
'img.youtube.com',
);
'flickr.com',
'picasa.com',
'img.youtube.com',
);
To this, just in case:
$allowedSites = array ();
You should be save now 
No comments yet.