Comments on: New Wordpress 2.3.3 Exploit/Vulnerability – Adds Spam Directory /wp-content/1/

By: Nova vulnerabilitat a Wordpress 2.3.3

Nova vulnerabilitat a Wordpress 2.3.3 — Mon, 11 May 2009 20:07:40 +0000

[...] Hola! Si ets nou aquí, pot ser que vulguis subscriure’t al feed RSS.S’ha descobert una nova vulnerabilitat que a Wordpress 2.3.3 que deixa el nostre blog vulnerable a atacs de injecció de codi; amb aquesta tècnica, els [...]

By: SEO Directory

SEO Directory — Tue, 24 Mar 2009 13:48:40 +0000

Well the popular the software become more hacks you will see. I am happy i opt for wordpress. Was hacked just once that too because i didn’t updated it for more than an year.

We should look at Drupal. Everyweek there is some new vulnerablity patch.

By: Michael VanDeMar

Michael VanDeMar — Tue, 17 Mar 2009 23:02:06 +0000

Actually WrathChylde, I am not sure what you are talking about. changing passwords would not cause the files to be deleted.

By: WrathChylde

WrathChylde — Tue, 17 Mar 2009 22:04:50 +0000

Had the exact same problem on a 2.7.1 install. Turns out, it was a trojan virus on one of the laptops accessing wordpress.

We changed the root, and user passwords, the files went away.

By: tiherp

tiherp — Fri, 30 Jan 2009 07:51:37 +0000

May be due to the theme we used…….don’t know why actually…….but the same thing happened to me too…..but managed at last…….may be this is due to the version.

By: lenen

lenen — Sun, 26 Oct 2008 22:27:33 +0000

How can Wordpress be so vulnerable? I don’t get it.

By: Michael VanDeMar

Michael VanDeMar — Wed, 22 Oct 2008 16:08:38 +0000

fedmich, you can also simply turn indexing off altogether in that directory (or all of them) using .htaccess like so:

Options -Indexes

That’s recursive, so it will apply to any directory under the directory you put it in, unless that directory overrides it using it’s own .htaccess file.

Note, though, that (and the one you suggested) just pertain to directory browsing. If a plugin has a specific file that could be looked for directly, it could still be detected.

As to getting hacked on 2.5.1, yeah, I did as well. 2.5.2 was a security upgrade iirc. I just didn’t blog about that one. It wasn’t as widespread and I didn’t have time when it happened.

By: fedmich

fedmich — Wed, 22 Oct 2008 15:43:48 +0000

1 of my website got attacked too. and its wp 2.5.1

anyway, guys make sure your wp-content has a file .htaccess
and contains
IndexIgnore */*
so hackers wont be able to browse on your /wp-content/plugins/ and then check if your site can be hacked using some of your plugins.

Thanks for the post Michael

By: Eugen J

Eugen J — Thu, 03 Jul 2008 15:48:38 +0000

If you got attacked, check http://www.bloggerguide.net/bl.....-visitors/ too. Still working to see where the problem comes from and what tha attacker finds vulnerable.

By: WordPress Vulnerability

WordPress Vulnerability — Thu, 26 Jun 2008 10:22:08 +0000

[...] you see is a list of sites that were hacked through the latest WordPress Vulnerability that allows hackers to insert spam into your [...]