Comments on: New Exploit In WordPress http://www.brendonwilson.com/blog/2008/06/07/new-exploit-in-wordpress/ The personal web site of Brendon J. Wilson, a software developer, technologist, and entrepreneur living in Vancouver, British Columbia, Canada. Wed, 18 Jan 2012 10:11:14 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Brendon J. Wilson http://www.brendonwilson.com/blog/2008/06/07/new-exploit-in-wordpress/comment-page-1/#comment-175895 Brendon J. Wilson Thu, 12 Jun 2008 14:53:59 +0000 http://www.brendonwilson.com/?p=406#comment-175895 <a href="http://www.getrichslowly.org/blog/2008/06/08/patching-the-wordpress-anyresultsnet-hack/" rel="nofollow">More instructions</a> on cleaning up after this exploit: It appears there are some other places in the WordPress database that have to be cleaned up. More instructions on cleaning up after this exploit: It appears there are some other places in the WordPress database that have to be cleaned up.

]]> By: Brendon J. Wilson http://www.brendonwilson.com/blog/2008/06/07/new-exploit-in-wordpress/comment-page-1/#comment-175742 Brendon J. Wilson Wed, 11 Jun 2008 15:45:37 +0000 http://www.brendonwilson.com/?p=406#comment-175742 Well...crud. Yes, it appears that I overlooked the <a href="http://www.jammersix.com/archives/wordpress-hacked-search-engine-traffic-stolen/" rel="nofollow">snippet of code</a> that the exploit embeds in either <code>index.php</code>, or <code>wp-blog-header.php</code>, depending on your version of Wordpress. The easy solution is to upgrade to the new version of Wordpress (2.5.1), overwriting the offending files in the process. But you will still need to make the modifications to the database as outlined above! Well…crud. Yes, it appears that I overlooked the snippet of code that the exploit embeds in either index.php, or wp-blog-header.php, depending on your version of WordPress. The easy solution is to upgrade to the new version of WordPress (2.5.1), overwriting the offending files in the process. But you will still need to make the modifications to the database as outlined above!

]]> By: ads http://www.brendonwilson.com/blog/2008/06/07/new-exploit-in-wordpress/comment-page-1/#comment-175615 ads Tue, 10 Jun 2008 21:31:31 +0000 http://www.brendonwilson.com/?p=406#comment-175615 Your blog is still affected. Your blog is still affected.

]]> By: Mark http://www.brendonwilson.com/blog/2008/06/07/new-exploit-in-wordpress/comment-page-1/#comment-174864 Mark Sun, 08 Jun 2008 11:25:09 +0000 http://www.brendonwilson.com/?p=406#comment-174864 It does not affect 2.5.1 http://twitter.com/donncha/statuses/829681288 It does not affect 2.5.1

http://twitter.com/donncha/statuses/829681288

]]> By: Brendon J. Wilson http://www.brendonwilson.com/blog/2008/06/07/new-exploit-in-wordpress/comment-page-1/#comment-174755 Brendon J. Wilson Sat, 07 Jun 2008 19:51:32 +0000 http://www.brendonwilson.com/?p=406#comment-174755 <a href="http://www.jammersix.com/archives/wordpress-hacked-search-engine-traffic-stolen/" rel="nofollow">More information</a> on the effect of this exploit. More information on the effect of this exploit.

]]>