infinix x yugatech

[ Wordpress ]

WP 2.1.1 hacked, upgrade now!

Editor-in-chief March 3, 2007 · 1 min read
Listen to article
TRENDING
Instagram now lets users reorder their posts on their profile iOS 27 Adds Native Baybayin Keyboard to iPhone: Here is How to Enable It AMD Radeon RX 9070 GRE announced GPD MicroPC 2 with Intel Core 3 N350 announced Nintendo Direct to unveil Switch 2 games for second half of 2026

Everyone should have known about this exploit by this time but if you are running WordPress 2.1.1 from a download just several days ago, your WP blogs might have been compromised.

This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

You could be also running that cracked version. It’s strongly recommended that you upgrade to WordPress 2.1.2 now.

Please, help spread the word.

React to this article:
More on Hacked
Written by
Abe Olandres

Abe Olandres

Editor-in-chief

Abe is the founder and Editor-in-Chief of YugaTech with over 20 years of experience in the technology industry. He is one of the pioneers of blogging in the country and is considered by many as the Father of Tech Blogging in the Philippines.

8,007 Articles
View all posts by Abe Olandres →

Related Articles

DJI Avata 360 — why it changed the way we shoot videos

NVidia makes RTX Spark official

Watch: Xiaomi 17T Pro Review

iOS 27 Performance Upgrades and still supports iPhone 11

Xiaomi 17T Pro vs. Xiaomi 15T Pro: What’s different?

Xiaomi 17T vs. Xiaomi 15T, what’s different?

14 Comments

MA
Maximus · 18 years ago

I would like to see a continuation of the topic


Reply
RA
Raymond Lee · 19 years ago

well, i already upgraded my WP. but i still keep the compromised version to test the actual exploit. ^^


Reply
AB
Abe Olandres Editor-in-chief · 19 years ago

Chris, Google doesn’t give you exact number of backlinks now. Try Yahoo Explorer instead — in Yahoo search, type “linkdomain:starmometer.com”.

For duplicate content, you can always file a DMCA complaint on the scraper’s web host.


Reply
CH
Chris · 19 years ago

Thanks kuya. Isang question na lang po. Last year my google backlinks are more than 100. Pero ngayon po bakit naging 20 na lang? Napenalize po kaya ako ng google for duplicated contents dahil meron nga pong website na kumokopya ng posts ko? Ok lang naman sana yun kasi nilalagay naman niya yung link kung san nakuha yung contents kaya lang i’m worried na baka napepenalize na pala ako dahil dun.


Reply
AB
Abe Olandres Editor-in-chief · 19 years ago

@ Chris

No, it’s not part of the exploit. That one is a scraper site. It gets your content from your RSS feed and auto-publishes it on its site.

One of the softwares that can do that is a WP plugin called FeedWordpress.


Reply
CH
Chris · 19 years ago

I noticed there is a website (16q.com) that automatically copies my post to their site. The second i publish my post, naka-post na rin siya sa website niya. Is this the result of the said exploit? Di ba kapag duplicated ang content nape-penalize ng Google? I am really worried about this.


Reply

Leave a Reply