[wp-hackers] WP exploit , was Re: [Webmaster Central Help] Site hacked.

Malaiac malaiac at gmail.com
Wed Dec 2 09:07:18 UTC 2009

2009/11/27 Malaiac <malaiac at gmail.com>:
> Regarding http://www.google.com/support/forum/p/Webmasters/thread?fid=2bb823d5af6173a00004794fff8f89b7&hl=en
> it seems this is an exploit from older versions of WP.
> One of my sites had been hacked with it. Upgrading to 2.8.6 and
> overwriting the wp-settings.php file did the job.

upgrading to 2.8.6 only fixed the problem for a few days before the
hacker went on it again.

See the actual hacking on
Front page is ok when viewed with a human user agent, but just check
the front page with a Googlebot user agent and you'll get the

wp-settings.php is clean, as are  .htaccess and index.php

Another subdomain setup on the same domain (
http://musique.lestelechargements.fr/ ) is fine.

Any idea where to search for the exploit ?


More information about the wp-hackers mailing list