<div>Hi. I think this is OOOOOOOLD news. the wp version was really old. I hadn't updated in maybe a year. 2.5. Bottom line is I shoulda kept my wp updated. The person working on it wrote this: </div>
<div> </div>
<div> the script code was inserted on every post in the database, all 6,712 of them. I haven’t determined exactly how they did it, but that version of WordPress (2.5) was known for an xmlrpc vulnerability (remote posting), so that’s likely how it was done.<br>
</div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<div><br><br> </div>
<div class="gmail_quote">On Sun, May 31, 2009 at 5:38 PM, Phillip Schein <span dir="ltr"><<a href="mailto:paschein@earthlink.net">paschein@earthlink.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div style="WORD-WRAP: break-word">What version has the security issue?
<div><br></div>
<div>I think it's important for the community to know which, why and how it's being hacked for all users.</div>
<div><br></div>
<div>
<div>thank you,</div>
<div><br></div>
<div>-pas</div></div>
<div><br></div>
<div><br>
<div><br>
<div><span style="WORD-SPACING: 0px; FONT: 12px Helvetica; TEXT-TRANSFORM: none; COLOR: rgb(0,0,0); TEXT-INDENT: 0px; WHITE-SPACE: normal; LETTER-SPACING: normal; BORDER-COLLAPSE: separate">
<div style="WORD-WRAP: break-word"><span style="WORD-SPACING: 0px; FONT: 12px Helvetica; TEXT-TRANSFORM: none; COLOR: rgb(0,0,0); TEXT-INDENT: 0px; WHITE-SPACE: normal; LETTER-SPACING: normal; BORDER-COLLAPSE: separate">
<div style="WORD-WRAP: break-word">
<div>
<div>
<div style="TEXT-ALIGN: left"><font face="Verdana"><b><font color="#000000"><font size="3"><span style="FONT-SIZE: 11px">Phillip A. Schein</span></font></font></b></font></div>
<div style="TEXT-ALIGN: left"><b><font face="Verdana"><font color="#000000"><font size="3"><span style="FONT-SIZE: 11px">w.</span></font></font></font></b><font face="Verdana"><font color="#000000"><font size="3"><span style="FONT-SIZE: 11px"> 212-717-1814</span></font></font></font></div>
<div style="TEXT-ALIGN: left"><b><font face="Verdana"><font color="#000000"><font size="3"><span style="FONT-SIZE: 11px">c.</span></font></font></font></b><font face="Verdana"><font color="#000000"><font size="3"><span style="FONT-SIZE: 11px"> 646-522-3066</span></font></font></font></div>
<div style="TEXT-ALIGN: left"><font face="Verdana"><b><font size="3"><span style="FONT-SIZE: 11px">f</span></font></b><font size="3"><span style="FONT-SIZE: 11px">. 212-202-4951</span></font></font></div>
<div style="TEXT-ALIGN: left"><br></div>
<div>
<div style="MARGIN: 0px">CONFIDENTIALITY NOTICE:</div>
<div style="MARGIN: 0px">This electronic mail message and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information that is proprietary, privileged,confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information may be subject to legal restriction or sanction. Please notify the sender, by electronic mail or telephone, of any unintended recipients and delete the original message without making any copies.</div>
</div></div>
<div><br></div></div>
<div><br></div></div></span><br></div></span><br></div><br>
<div>
<div>
<div></div>
<div class="h5">
<div>On May 31, 2009, at 2:14 PM, Bryant Oden wrote:</div><br></div></div>
<blockquote type="cite">
<div>
<div></div>
<div class="h5"><br><br>
<div class="gmail_quote">On Sun, May 31, 2009 at 11:39 AM, Bryant Oden <span dir="ltr"><<a href="mailto:mailbryant@gmail.com" target="_blank">mailbryant@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>Hi. My site InnocentEnglish.com has been hacked due to old wp version. </div>
<div>I need to update WP, and also find the foreign code.</div>
<div>This WP is NOT on cpanel, so a little trickier. (I think it's on ubuntu, but I don't know much about that).</div>
<div>my site has a few custom plug ins also, so not typical WP set up. (but that may not interfere with update).</div>
<div> </div>
<div>Google has flagged my site so I'm looking for resolution ASAP.</div>
<div>thanks.</div>
<div>Bryant</div></blockquote></div><br></div></div>
<div class="im">_______________________________________________<br>wp-pro mailing list<br><a href="mailto:wp-pro@lists.automattic.com" target="_blank">wp-pro@lists.automattic.com</a><br><a href="http://lists.automattic.com/mailman/listinfo/wp-pro" target="_blank">http://lists.automattic.com/mailman/listinfo/wp-pro</a><br>
</div></blockquote></div><br></div></div></div></blockquote></div><br>