WordPress Attack: Upgrade NOW

If you are hosting WordPress on your own server, it is vital that you upgrade to the current version now. Here are some of the details from Lorelle on WordPress; read them now and update ASAP:

Update your WordPress blog before you continue reading this post. That’s how critical this issue is.

There are two clues that your WordPress site has been attacked.

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account, but Journey Etc. has a possible solution.

Read her entire post and upgrade now, before it becomes a digital migraine.
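A small check for the two clues quoted above, added here as an example; it is not code from the original post, from Lorelle's article or from WordPress. The function names, the user records (a list of login/role pairs you export yourself) and the list of administrators you recognize are assumptions.

```python
import re
from urllib.parse import unquote

# Keywords the post names as the giveaway in a tampered permalink.
MARKERS = ("eval", "base64_decode")

def permalink_markers(value):
    """Return the marker function calls found in a permalink or URL."""
    decoded = value
    for _ in range(3):  # bounded loop, also covers double encoding
        step = unquote(decoded)
        if step == decoded:
            break
        decoded = step
    lowered = decoded.lower()
    # Match "name(" on a word boundary so slugs like "medieval" do not trip it;
    # decoding first matters because "%7Beval(" has no boundary before "eval".
    return [m for m in MARKERS
            if re.search(r"\b" + re.escape(m) + r"\s*\(", lowered)]

def unexpected_admins(users, known_admins):
    """Return logins of Administrator accounts the site owner did not list."""
    known = {name.lower() for name in known_admins}
    return [u["login"] for u in users
            if u["role"] == "administrator" and u["login"].lower() not in known]

# Permalink quoted in the post, plus a normal structure for comparison.
TAMPERED = ("example.com/category/post-title/%&(%7B$%7Beval(base64_decode"
            "($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/")
CLEAN = "/%category%/%postname%/"

# Constructed user export (login, role); not real data.
USERS = [
    {"login": "admin", "role": "administrator"},
    {"login": "guestwriter", "role": "author"},
    {"login": "wpsvc01", "role": "administrator"},
]

if __name__ == "__main__":
    for value in (CLEAN, TAMPERED):
        print(value, "->", permalink_markers(value) or "ok")
    print("unrecognized admins:", unexpected_admins(USERS, ["admin"]))
```

A hit on either check means the site should be treated as compromised even after the upgrade, since the upgrade does not remove an account that was already created.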

 is the owner of SocialGumbo, LLC


2 Comments

  1. Is this really new news? The security release from Aug 12 was meant to repair “a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset.”

    I’m as bad as the next guy about letting versions slip by if they aren’t critical, but security upgrades are important! I always try to get those patches on within 24 hours of notice.

  2. There are a lot of WordPress users that do not keep up with each upgrade; it usually takes something like this to push them into it.

    I’ve also got a lot of New Orleans bloggers that read this, many of whom had someone else do the install and have little knowledge of the ins and outs of things.

    Since I write for a lot of new users I try to ensure that I cover things like this. Sometimes it takes a sense of urgency before users will react.
