Blog on Photoblogs

The photographer's resource for photoblogs


Hacked Wordpress site

September 5th, 2009 by brett

So the other day, I get an email from a friend of mine asking me to have a look at her blog because some of the links, which were working a few days ago, are now dropping everyone on a 400 bad request page.

Before I even have a chance to open up the site, I get another e-mail saying that she thinks that spammers have hacked her WP site! To make a long story short, in the end her WP install had been compromised and there was actually a hidden admin user in the system!

Have a look at the attachment: it shows 4 administrator users, but there are only three users total – something doesn’t jibe. I cleaned out the bogus admin user and patched up the install to 2.8.4, and now everything seems OK.

If you are running your photoblog on an older version of WordPress, patch it right now!
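The administrator-count mismatch described above can also be checked straight from the database. The script below is an added example, not code from the original post: it lists every account holding the administrator role and flags any the site owner does not recognise. It assumes the default `wp_` table prefix and WordPress's storage of roles as a PHP-serialized array in `wp_usermeta` under `wp_capabilities`; the logins are constructed sample data, and an in-memory SQLite database stands in for the site's MySQL database.

```python
import re
import sqlite3

# An enabled "administrator" entry inside the PHP-serialized role array.
ADMIN_RE = re.compile(r's:13:"administrator";b:1;')

def audit_admins(conn, expected_logins, prefix="wp_"):
    """Return (admin_logins, unexpected_logins, orphaned_user_ids)."""
    if not re.fullmatch(r"\w+", prefix):
        raise ValueError("table prefix must be alphanumeric/underscore")
    rows = conn.execute(
        f"SELECT m.user_id, u.user_login, m.meta_value "
        f"FROM {prefix}usermeta m "
        f"LEFT JOIN {prefix}users u ON u.ID = m.user_id "
        f"WHERE m.meta_key = ?",
        (prefix + "capabilities",),
    ).fetchall()
    admins, orphaned = [], []
    for user_id, login, caps in rows:
        if not ADMIN_RE.search(caps or ""):
            continue
        if login is None:
            orphaned.append(user_id)  # role row with no matching account row
        else:
            admins.append(login)
    unexpected = sorted(set(admins) - set(expected_logins))
    return sorted(admins), unexpected, sorted(orphaned)

def build_sample_db():
    """Constructed data: three known admins plus one nobody created."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT);
        CREATE TABLE wp_usermeta (user_id INTEGER, meta_key TEXT, meta_value TEXT);
    """)
    admin = 'a:1:{s:13:"administrator";b:1;}'
    logins = ["alice", "bob", "carol", "sysupdate"]  # all hypothetical names
    for uid, login in enumerate(logins, start=1):
        conn.execute("INSERT INTO wp_users VALUES (?, ?)", (uid, login))
        conn.execute("INSERT INTO wp_usermeta VALUES (?, 'wp_capabilities', ?)",
                     (uid, admin))
    return conn

if __name__ == "__main__":
    known = {"alice", "bob", "carol"}  # accounts the owner expects to be admins
    admins, unexpected, orphaned = audit_admins(build_sample_db(), known)
    print(f"{len(admins)} administrators, {len(known)} expected")
    print("unexpected:", unexpected, "orphaned role rows:", orphaned)
```
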


3 responses so far ↓

  • 1 JuneH Sep 12, 2009 at 9:37 am

    aren’t you brilliant….as usual….:)

  • 2 Jay Sep 20, 2009 at 6:33 pm

    Did you drop the guys from WP a line about this? Might be a major glitch and they’re glad for watchful users.

  • 3 brett Sep 20, 2009 at 7:41 pm

    Hey Jay,

    It’s actually a well-known exploit… My friend just didn’t keep her WordPress blog patched.

    Thanks for the comment,