[wp-hackers] wpau-backup being exploited?
wp at xentek.net
Mon May 26 14:22:39 GMT 2008
> So...is it being exploited or not?
I think we have a couple of things going on here, that is giving the
appearance of wp-au being exploited, but might not be. This is all
speculation, but seems to make sense to me.
Some plug-in, theme, or older version of wordpress was exploited by
WP-AU faithfully backed the exploited directories up.
Poorly configured apache (directory browsing is turned on) makes it
easy to search for them.
Now the plugin that is being exploited may be wp-au, I don't know as I
don't use it. But it seems more likely that their live site had been
stuffed with spam and the back up directory reflects that.
More information about the wp-hackers