Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wordpress 2.1.1 Release Compromised by Cracker

Posted by Zonk on from the not-my-emo-comments-and-angsty-statements dept.

GrumpySimon writes "The recent 2.1.1 release of the popular blog software Wordpress was compromised by a cracker who made it easier for to execute code remotely. This is interesting because the official release was quietly and subtly compromised, and has been in the wild for a few days now. There's no word on if any affected sites have been compromised, but anyone running Wordpress is urged to upgrade to 2.1.2 immediately, and admins can check their logs for access to 'theme.php' or 'feed.php', and query strings with 'ix=' or 'iz=' in them."

1 of 48 comments (clear)

  1. Re:Made it easier for ... by DavidHOzAu · · Score: 1, Flamebait

    Oh please. Lay off the Zonk bashing. Read the summary and note that it was not written by Zonk.

    Don't like the stories? Then take a drink from the FireHose and mod up the contributions that interest you.