Results 1 to 7 of 7
  1. #1
    Comfortably Numb John Powell's Avatar
    Join Date
    October 17th, 2005
    Location
    Bayou Country, LA
    Posts
    3,432
    new mass hack/exploit for WordPress
    Just got this from ICDSoft where I have some client sites:
    Please be advised that a new mass exploit for WordPress is rampant. All users with WordPress installations with version prior to 2.6.5. may be affected. The hackers gain access to WP through a previously installed backdoor. Many different vulnerabilities are used, as different versions of WordPress are affected. Once an account is compromised, a remv.php file is uploaded to it. Our system administrators have identified the common pattern of the exploit and disabled a specific cookie used by the hackers. Additionally, all the uploaded remv.php files have already been deleted from our servers. However, it is still necessary that all users upgrade to the latest WordPress version immediately.


  2. #2
    ABW Ambassador writerguy's Avatar
    Join Date
    January 17th, 2005
    Location
    Springfield, Missouri, USA
    Posts
    3,248
    Quote Originally Posted by John Powell
    Just got this from ICDSoft where I have some client sites:
    Oh my. Well, there goes the weekend! Most of my sites are WP installs, and most of them are still on earlier versions than 2.6.5 -- which has only been out two or three days.

    Argh!!!!!!!!!!!!!
    Generate more fake news.

  3. #3
    Full Member 1stAngel's Avatar
    Join Date
    November 21st, 2008
    Location
    Manchester UK
    Posts
    248
    Quote Originally Posted by John Powell
    Just got this from ICDSoft where I have some client sites:


    Funnily enough I upgraded today anyway as I am on my own for the weekend. Needed something to do

  4. #4
    Comfortably Numb John Powell's Avatar
    Join Date
    October 17th, 2005
    Location
    Bayou Country, LA
    Posts
    3,432
    Quote Originally Posted by writerguy
    Oh my. Well, there goes the weekend!
    Wordpress Automatic Upgrade 1.2.2 got the job done in about 5 mins, but I only have 2 blogs.


  5. #5
    ABW Ambassador simcat's Avatar
    Join Date
    January 18th, 2005
    Location
    Denver
    Posts
    1,786
    I've been a big fan of the automatic upgrader, but am not going to use it now, because the last two blogs I tried it on 'broke'.
    FTP method usually takes me under 10 min, anyway...

  6. #6
    Antisocial Media Expert ProWebAddict's Avatar
    Join Date
    March 25th, 2006
    Location
    Go Daddy
    Posts
    1,109
    Thanks for the heads up. I got 7 or 8 updated today. Only 30 or more to go.

  7. #7
    ABW Ambassador writerguy's Avatar
    Join Date
    January 17th, 2005
    Location
    Springfield, Missouri, USA
    Posts
    3,248
    Quote Originally Posted by simcat
    I've been a big fan of the automatic upgrader, but am not going to use it now, because the last two blogs I tried it on 'broke'.
    FTP method usually takes me under 10 min, anyway...
    Yeah, I've quit using that automatic upgrader. I found that on some blogs the feature to click to upgrade plugins wouldn't work if I upgraded the WP version via automatic upgrade. But if I upgrade the WP files via FTP, then the single-click feature for upgrading plugins seems to work on all my sites.

    Odd, I know.
    Generate more fake news.

  8. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Protect Yourself from WordPress Hack Attacks
    By Rhia7 in forum Blogging, Mobile and Social Media
    Replies: 20
    Last Post: May 15th, 2014, 01:16 PM
  2. RoundCube Exploit
    By John Powell in forum Midnight Cafe'
    Replies: 0
    Last Post: January 8th, 2009, 10:36 AM
  3. DNS exploit in the news
    By MnemonicGuy in forum Midnight Cafe'
    Replies: 1
    Last Post: July 25th, 2008, 12:03 PM
  4. SQL Injection Exploit
    By John Powell in forum Programming / Datafeeds / Tools
    Replies: 6
    Last Post: April 20th, 2007, 01:49 PM
  5. Warning: Nasty Windows Exploit
    By Dynamoo in forum Midnight Cafe'
    Replies: 17
    Last Post: January 4th, 2006, 02:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •