Themify has announced that they have discovered and confirmed a vulnerability in their framework. The vulnerability stems from an unsecure file named themify-ajax.php. The fix was released on November 9th, 2012 but the auto upgrade process failed to delete the file. Themify states they have “recently received several reports of (more…)