March 03, 2007

WP 2.1.1 hacked, upgrade now!

Everyone should have heard about this by now, but if you are running WordPress 2.1.1 from a copy downloaded within the last several days, your WP blog may be running a backdoored build. Note that this is not a bug in WordPress itself: the download on wordpress.org was tampered with. The announcement from WordPress.org:

This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

You could also be running that tampered version. It is strongly recommended that you upgrade to WordPress 2.1.2 now; the upgrade replaces the modified files with clean copies.

Please help spread the word.
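A quick way to check whether your own copy is the tampered one, as an added example that is not part of the original post and not WordPress's own code: compare every file of the installed tree against a clean reference copy (a fresh 2.1.2 download, or a 2.1.1 copy you know is untouched), then look inside any changed or added PHP file for code that hands request parameters straight to eval() or a shell function. The directory layout, the sample files, the injected line and the `audit` / `compare_trees` helper names are all constructed for this demo; the real backdoor's file names and parameter names are not reproduced here.

```python
"""Integrity check of a WordPress install against a known-good copy.

Added example, not code from the original post or from WordPress.
Assumes a clean reference tree (e.g. an unpacked 2.1.2 download) sits
beside the install under test.  The sample trees built by build_demo()
and the injected line are constructed for the demo only.
"""
import hashlib
import os
import re
import tempfile
from pathlib import Path

# An execution primitive fed directly (optionally via base64_decode) from a
# request superglobal.  Illustrative pattern, not the 2007 payload.
SUSPICIOUS = re.compile(
    r"\b(?:eval|passthru|system|exec|shell_exec|popen|assert)\s*\("
    r"\s*(?:base64_decode\s*\(\s*)?\$_(?:GET|POST|REQUEST|COOKIE)\b",
    re.IGNORECASE,
)


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def hash_tree(root: Path) -> dict:
    """Map relative path -> SHA-256 for every regular file under root."""
    return {
        str(p.relative_to(root)).replace(os.sep, "/"): sha256_file(p)
        for p in root.rglob("*")
        if p.is_file()
    }


def compare_trees(reference: Path, install: Path) -> dict:
    """Files whose hash differs from the reference, plus added/missing ones."""
    ref, inst = hash_tree(reference), hash_tree(install)
    return {
        "modified": sorted(p for p in inst if p in ref and inst[p] != ref[p]),
        "added": sorted(p for p in inst if p not in ref),
        "missing": sorted(p for p in ref if p not in inst),
    }


def find_backdoor_lines(path: Path) -> list:
    """(line number, stripped line) for each line matching SUSPICIOUS."""
    hits = []
    with path.open("r", encoding="utf-8", errors="replace") as f:
        for lineno, line in enumerate(f, 1):
            if SUSPICIOUS.search(line):
                hits.append((lineno, line.strip()))
    return hits


def audit(reference: Path, install: Path) -> dict:
    """Hash-diff the trees, then pattern-scan only the PHP files that changed."""
    diff = compare_trees(reference, install)
    flagged = {}
    for rel in diff["modified"] + diff["added"]:
        if rel.endswith(".php"):
            hits = find_backdoor_lines(install / rel)
            if hits:
                flagged[rel] = hits
    return {"diff": diff, "flagged": flagged}


def build_demo() -> tuple:
    """Constructed sample: a tiny clean tree and a copy with one injected file."""
    base = Path(tempfile.mkdtemp(prefix="wpcheck_"))
    clean, tampered = base / "clean", base / "tampered"
    files = {
        "wp-includes/feed.php": "<?php\nfunction get_feed() { return 'rss'; }\n",
        "wp-includes/theme.php": "<?php\nfunction get_theme() { return 'default'; }\n",
        "wp-login.php": "<?php\necho 'login';\n",
    }
    for root in (clean, tampered):
        for rel, body in files.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_text(body)
    # Inject a made-up backdoor line into the "downloaded" copy (demo only).
    target = tampered / "wp-includes/theme.php"
    target.write_text(target.read_text() + 'if (isset($_GET["x"])) { eval($_GET["x"]); }\n')
    return clean, tampered


if __name__ == "__main__":
    ref, inst = build_demo()
    print(audit(ref, inst))
```

Against a real install, call `audit(Path("/path/to/clean-2.1.2"), Path("/var/www/blog"))`. Legitimate customisations (wp-config.php, themes, plugins) will show up under "added" or "modified", so the pattern scan is what points at a backdoor; but a hash mismatch on a core file you never edited is by itself enough reason to replace the install from a clean download, since an attacker is not obliged to use a pattern this grep happens to know.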

Written by yuga

Abe is the founder and publisher of YugaTech. You can follow him on Twitter @abeolandres.



8 Responses to “WP 2.1.1 hacked, upgrade now!”

  1. [...] few days ago and malicious code was inserted into the source codes. Abe has a post on the incident here To be safe, it might be good to just upgrade to [...]

  2. [...] an excerpt from Yuga’s post: Everyone should have known about this exploit by this time but if you are running WordPress 2.1.1 [...]

  3. Chris says:

    I noticed there is a website (16q.com) that automatically copies my posts to their site. The second I publish my post, it is also posted on their website. Is this the result of the said exploit? Isn't duplicated content penalized by Google? I am really worried about this.

  4. yuga says:

    @ Chris

    No, it’s not part of the exploit. That one is a scraper site. It gets your content from your RSS feed and auto-publishes it on its site.

    One of the pieces of software that can do that is a WP plugin called FeedWordpress.

  5. Chris says:

    Thanks, kuya. Just one more question. Last year my Google backlinks were more than 100. But now why have they dropped to only 20? Could it be that I was penalized by Google for duplicated content because there really is a website copying my posts? That would have been fine, since they do put in the link to where the content was taken from, but I'm worried that I may already be getting penalized because of it.

  6. yuga says:

    Chris, Google doesn't give you the exact number of backlinks now. Try Yahoo Explorer instead: in Yahoo search, type "linkdomain:starmometer.com".

    For duplicate content, you can always file a DMCA complaint on the scraper’s web host.

  7. Raymond Lee says:

    Well, I already upgraded my WP. But I still keep the compromised version to test the actual exploit. ^^

  8. Maximus says:

    I would like to see a continuation of the topic
