[wp-hackers] Reporting WordPress exploits?

Mindshare Studios info at mindsharestudios.com
Thu Feb 5 17:19:44 GMT 2009


Could you elaborate on how one might identify "where the injection
occurred"? What should I look for?

Thanks,
Damian

-----Original Message-----
From: wp-hackers-bounces at lists.automattic.com
[mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Lynne Pope
Sent: Thursday, February 05, 2009 10:01 AM
To: wp-hackers at lists.automattic.com
Subject: Re: [wp-hackers] Reporting WordPress exploits?

2009/2/6 Mindshare Studios <info at mindsharestudios.com>

> Hi,
>
> I was just wondering if there was a recommended procedure for reporting
> WordPress security vulnerabilities. I have a site running 2.7 that has had
> some hidden spam links injected into it, but this may have occurred before I
> upgraded to the latest version. I'm going to completely wipe the server and
> do a fresh install to be sure to get rid of the problems but I thought I'd
> ask the list to see if anyone is interested in looking at the malicious code
> (I've isolated at least three files containing bad code) or if this is worth
> reporting.


If you are certain it's a WordPress security issue just send an email to
security at wordpress.org

You should first check your server logs to identify where the crackers or
bot got in and identify where the injection occurred. Even though you have
had WP files hacked the vulnerability may lie elsewhere on the server.

If it is a WordPress vulnerability the team will need to know as much
information as possible about your server environment, which plugins you are
using, and which theme. This will help them to isolate any issues.

Lynne
_______________________________________________
wp-hackers mailing list
wp-hackers at lists.automattic.com
http://lists.automattic.com/mailman/listinfo/wp-hackers
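
One way to start the log check discussed in this thread, as an added example that is not part of the original messages: take the modification time of a file found to contain injected code and list the state-changing requests logged shortly before it. The combined access-log format, the function names, the five-minute window and the sample lines are all assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Apache/Nginx "combined" log format is assumed; adjust the regex otherwise.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log lines, not taken from any real server.
SAMPLE_LOG = """\
198.51.100.7 - - [04/Feb/2009:02:10:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [04/Feb/2009:03:14:50 +0000] "POST /wp-content/constructed-example.php HTTP/1.1" 200 312 "-" "-"
203.0.113.9 - - [04/Feb/2009:03:14:58 +0000] "POST /wp-admin/theme-editor.php HTTP/1.1" 302 0 "-" "-"
198.51.100.7 - - [04/Feb/2009:09:30:00 +0000] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
garbage line that does not parse
"""

def parse_line(line):
    """Parse one access-log line into a dict, or return None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m["ip"], "ts": ts, "method": m["method"],
            "path": m["path"], "status": int(m["status"])}

def requests_before_change(log_text, file_mtime, window_minutes=5):
    """Return POST/PUT requests logged in the window ending at file_mtime."""
    start = file_mtime - timedelta(minutes=window_minutes)
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed lines instead of aborting the review
        if rec["method"] in ("POST", "PUT") and start <= rec["ts"] <= file_mtime:
            hits.append(rec)
    return hits

if __name__ == "__main__":
    # Constructed mtime; on a real host read it from os.stat() on the
    # modified file and convert it to an aware datetime.
    mtime = datetime(2009, 2, 4, 3, 15, 0, tzinfo=timezone.utc)
    for r in requests_before_change(SAMPLE_LOG, mtime):
        print(r["ts"].isoformat(), r["ip"], r["method"], r["path"], r["status"])
```

File modification times can be changed after the fact, so treat the window as a starting point and widen it if nothing turns up.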


