[wp-hackers] attack on wp-admin/install.php
Konrad Karpieszuk
kkarpieszuk at gmail.com
Tue Oct 8 16:56:12 UTC 2013
Hello,
Today a few people reported to me that instead of the main page of my WordPress
site, they saw the installation wizard. After a few minutes the main website was OK,
but every subpage had a 404 error.
I went to Dashboard > Settings > Permalink and refreshed the structure of
permalinks. After that the whole website was OK.
But I see in the logs that somebody really tried to get into the install.php script,
even a few times per second. This is the Apache log from the beginning of the attack:
http://wklej.org/id/1145478/
Question: how was it possible that regular visitors saw the installation script
during this attack? And why were permalinks broken after the attack?
On this domain I have two sites:
dev.wpzlecenia.pl - everything is up to date
wpzlecenia.pl - two plugins are in older versions
- Google XML Sitemaps (I have 3.2.9), here is the changelog
http://www.arnebrachhold.de/projects/wordpress-plugins/google-xml-sitemaps-generator/changelog/,
it looks like this plugin has no security issue in this version
- WordPress SEO by Yoast (I have version 1.4.15), here is the changelog
http://wordpress.org/plugins/wordpress-seo/changelog/ , it looks like
everything is OK in this older version
--
(en) regards / (pl) pozdrawiam
Konrad Karpieszuk
http://tradematik.pl a WordPress plugin for creating shops for
customers from Poland