New WordPress exploit

**kappa84** · 03-27-2008, 05:39 AM

In simple words: this exploit creates a new folder (/wp-content/1/) in which it puts spamming html files.
You can read more here: New Wordpress 2.3.3 Exploit/Vulnerability - Adds Spam Directory /wp-content/1/ | Smackdown!

**brokencode** · 03-27-2008, 05:53 AM

Thanks for the info. I found that folder already installed in some wp blogs I have

**kappa84** · 03-27-2008, 06:12 AM

Have you find any sollution for that exploit?

**OldDarkstarAccount** · 03-27-2008, 07:06 AM

Thanks for the info. I had no problems untill now.

**rhyswynne** · 03-27-2008, 07:24 AM

I've double checked it and have not noticed anything.

Could the "put blank index.html files in directories" fix work?

**arunpattnaik** · 03-31-2008, 08:49 PM

I hate exploits. but i love wordpress anyways

. Any solutions so far?

**xhan** · 04-01-2008, 05:05 PM

one of my hostees had a file remv.php added to her wp directory - look out for that, It got my account suspended :S

**kappa84** · 04-01-2008, 05:10 PM

No sollutions yet, not that I could find..

**Tiger** · 04-01-2008, 06:00 PM

I think, you have to update your wordpress blogs to last version 2.5.5, that's the only solution I know actually. Before updating, modify your mysql password and FTP password and look for files that are not yours on your FTP.

What I don't understand is why some wordpress blogs have the issue and others not...

**xhan** · 04-01-2008, 08:27 PM

it just depends if you come up on a hackers radar or not.

Theres sites out there listing all the hacks done by x person. My sites on one - grrr angry!

Webmaster SEO Tools, Resources, Web Hosting, Discussion Forums

Thread: New WordPress exploit

LinkBack

Thread Tools

Display

New WordPress exploit

Thread Information

Users Browsing this Thread

Bookmarks

Bookmarks

Posting Permissions