
WordPress Under Attack: Reason to Upgrade to 2.8.4

September 6, 2009 by Jayvee Fernandez

If you haven’t yet upgraded to the latest version of WordPress, 2.8.4, then it is about time you did. Self-hosted WordPress installs running versions prior to this one are under attack, and the potential damage to their users is high. Matt writes,

Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts. [source]

Lorelle enumerates some symptoms to know if your site has been affected by the worm:

There are two clues that your WordPress site has been attacked.

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account, but Journey Etc. has a possible solution.

WordPress.com blogs are not impacted as they are up-to-date. Only versions prior to WordPress 2.8.4 are impacted.

Upgrade now!
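
An added example, not part of the original post or of WordPress itself: a Python check for the two clues quoted above, flagging `eval(` and `base64_decode(` in permalinks even when percent-encoded more than once, and listing administrator accounts the owner does not recognize. The sample permalinks and user names are constructed, and the user list is assumed to come from a database export.

```python
import re
from urllib.parse import unquote

# The two keywords the article names as the sign of a tampered permalink.
SUSPICIOUS = re.compile(r"(eval|base64_decode)\s*\(", re.IGNORECASE)

def decode_rounds(value, max_rounds=5):
    """Yield the raw value, then each successive percent-decoding of it."""
    yield value
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return
        value = decoded
        yield value

def permalink_findings(value):
    """Return the sorted keywords found in any decoding of a permalink or URL."""
    found = set()
    for form in decode_rounds(value):
        found.update(m.group(1).lower() for m in SUSPICIOUS.finditer(form))
    return sorted(found)

def unexpected_admins(users, known_admins):
    """Return administrator logins that are not on the owner's known list.

    users is a list of (login, role) pairs, assumed to come from a database
    export because the worm hides its account on the admin users page.
    """
    known = {name.lower() for name in known_admins}
    return sorted(login for login, role in users
                  if role.lower() == "administrator" and login.lower() not in known)

# Constructed sample data; the second permalink is the pattern quoted above.
SAMPLE_PERMALINKS = [
    "/%category%/%postname%/",
    "/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/",
    "/2009/09/how-to-evaluate-plugins/",
    "/archives/%2565val%2528base64_decode%2528x%2529%2529/",  # double-encoded
]
SAMPLE_USERS = [("owner", "administrator"), ("wpsupport01", "administrator"),
                ("reader", "subscriber")]

if __name__ == "__main__":
    for link in SAMPLE_PERMALINKS:
        print(permalink_findings(link) or "clean", link)
    print("unexpected admins:", unexpected_admins(SAMPLE_USERS, ["owner"]))
```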

Filed Under: News Tagged With: 2.8.4, security hacks to wordpress, WordPress, worm in wordpress


Comments

  1. Rob says

    September 6, 2009 at 5:21 pm

    I upgraded to 2.8.4 as soon as it came out, but this past week I got e-mail notifications of several “new users.” I became immediately suspicious, especially since I have no link available whereby the public can sign up to be a user … there’s no need to be registered as a user on my blog since anyone can read it and all comments are moderated. So I unchecked “Anyone can register” in the General Settings, deleted all users except my wife and me, and changed the password.

    I’m hoping I am now safe. I see no other signs of anything odd, but then I don’t know enough about WordPress.org code and databases to get into the bowels of the thing to know if anything else is going on. I guess I’ll just wait and hold my breath?

  2. Jayce says

    September 9, 2009 at 8:56 am

    I updated immediately after seeing this issue. ;)

  3. Jamie Allsop says

    September 9, 2009 at 2:17 pm

    As soon as I found out about this issue I updated straight away.

The Blog Herald © 2022 Splashpress Media