Recently, the “digg clone” CMS Pligg was informed of a security attack that can compromise the entire management system by a hacker.

It’s only a matter of time before a hacker exploits the vulnerability because this is an open sourced project and anyone can see the code changes, thus a hacker with some coding knowledge should be able to reverse engineer (quickly) the code and begin writing an exploit.

I’ve contacted one of the Pligg folks to get more information on the situation so that we at Media Crumb want to know the in’s and out’s of the problem spot and work our clients through the solution. For Pligg projects that do not alter the sources or have not altered the login sources, its a snap to update.

For those that have manually altered the sources, the diff’s are a bit more complex. Make sure, however, you get the update installed. You can find more on Pliggs forum here and get the updates you need a.s.a.p!