[wp-hackers] wpau-backup being exploited?

Eric Marden wp at xentek.net
Mon May 26 14:22:39 GMT 2008

> So...is it being exploited or not?

I think we have a couple of things going on here, that is giving the  
appearance of wp-au being exploited, but might not be. This is all  
speculation, but seems to make sense to me.

Some plug-in, theme, or older version of wordpress was exploited by  
WP-AU faithfully backed the exploited directories up.
Poorly configured apache (directory browsing is turned on) makes it  
easy to search for them.

Now the plugin that is being exploited may be wp-au, I don't know as I  
don't use it. But it seems more likely that their live site had been  
stuffed with spam and the back up directory reflects that.


More information about the wp-hackers mailing list