A security vulnerability has been discovered in two popular plugins for the content management system WordPress.
The vulnerability affects the plugins WP Super Cache in version 1.2 and older as well as W3 Total Cache in version 0.9.2.8 and older. Adversaries may execute program code on servers using one of these plugins and e.g. install malicious software.
If you use WP Super Cache or W3 Total Cache, you should update the plugins immediately or disable them.
We are notifying our customers using these plugins by telephone this evening (6:30pm CST forward) to alert them of this vulnerability. If you haven’t received a phone call from us, you are safe. Most of all, no security breach has taken place, we’re just urging people to disable or upgrade as a precaution. If we can’t reach you, we will just delete the plugin folder as a precaution.
See here for more info: http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/