[wp-pro] Re: HELP ASAP? : Thanks for all replies. Someone's working on it now. Thanks.

Bryant Oden mailbryant at gmail.com
Sun May 31 23:41:57 GMT 2009 

Hi. I think this is OOOOOOOLD  news. the wp version was really old. I hadn't
updated in maybe a year.  2.5.  Bottom line is I shoulda kept my wp updated.
 The person working on it wrote this:

 the script code was inserted on every post in the database, all 6,712 of
them. I haven’t determined exactly how they did it, but that version of
WordPress (2.5) was known for an xmlrpc vulnerability (remote posting), so
that’s likely how it was done.








On Sun, May 31, 2009 at 5:38 PM, Phillip Schein <paschein at earthlink.net>wrote:

> What version has the security issue?
> I think it's important for the community to know which, why and how it's
> being hacked for all users.
>
>  thank you,
>
> -pas
>
>
>
>    *Phillip A. Schein*
> *w.* 212-717-1814
> *c.* 646-522-3066
> *f*. 212-202-4951
>
>  CONFIDENTIALITY NOTICE:
> This electronic mail message and any attached files contain
> information intended for the exclusive use of the individual or entity to
> whom it is addressed and may contain information that is proprietary,
> privileged,confidential and/or exempt from disclosure under applicable law.
> If you are not the intended recipient, you are hereby notified that
> any viewing, copying, disclosure or distribution of this information may
> be subject to legal restriction or sanction.  Please notify the sender,
> by electronic mail or telephone, of any unintended recipients and delete the
> original message without making any copies.
>
>
>
>
>
>   On May 31, 2009, at 2:14 PM, Bryant Oden wrote:
>
>
>
> On Sun, May 31, 2009 at 11:39 AM, Bryant Oden <mailbryant at gmail.com>wrote:
>
>> Hi. My site InnocentEnglish.com has been hacked due to old wp version.
>> I need to update WP, and also find the foreign code.
>> This WP is NOT on cpanel, so a little trickier. (I think it's on ubuntu,
>> but I don't know much about that).
>> my site has a few custom plug ins also, so not typical WP set up. (but
>> that may not interfere with update).
>>
>> Google has flagged my site so I'm looking for resolution ASAP.
>> thanks.
>> Bryant
>>
>
> _______________________________________________
> wp-pro mailing list
> wp-pro at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-pro
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://comox.textdrive.com/pipermail/wp-pro/attachments/20090531/5ab85af7/attachment.htm

More information about the wp-pro mailing list