[wp-hackers] WordPress security question

Dan Phiffer dan at phiffer.org
Mon Jun 4 20:52:58 UTC 2012

Hi wp-hackers,

We recently had one of our WP sites compromised at work and we're now in the process of assessing the fallout. The site was running WP 3.3.2 when the attack happened, best I can tell from our backups. Here are some relevant links, in case anyone has ideas for things I might want to look into. Is there some kind of security issue submission process? It would be great to get some context for what to look out for in terms of potential entry points that might've allowed this.

Back-end PHP file, wp-includes/kses.php: https://gist.github.com/c0e3c24ddc1969e855c2 (line 1)
Resulting front-end HTML: https://gist.github.com/ba0c3d78d9bf87fd3a0d (line 32)

We're already working with an incident response team to tell us if the servers themselves had unauthorized access. And I'm now going through the steps mentioned on the Codex.


More information about the wp-hackers mailing list