Author Topic: All Wordpress Users...you might already know but just in case  (Read 1811 times)

0 Members and 1 Guest are viewing this topic.

Offline Crimzen

  • Full Member
  • ***
  • Posts: 612
  • Karma: 0
  • Gender: Male
  • Sending You Positive Energy!
    • Sleeping Awake
All Wordpress Users...you might already know but just in case
« on: February 05, 2012, 04:21:56 am »
I found this info online, thought you should read if you use Wordpress

http://news.softpedia.com/news/Polymorphic-Injection-Attack-Targets-WordPress-Blogs-169953.shtml

Offline evilcandybag

  • of Fire
  • Global Moderator
  • Machinae Prime
  • *****
  • Posts: 3152
  • Karma: 66
  • Gender: Male
  • Armoured Tanks of Mass Destruction
Re: All Wordpress Users...you might already know but just in case
« Reply #1 on: February 05, 2012, 03:52:49 pm »
This is why you don't give Wordpress write permission to its own directories.
"Actually, wooden stakes are for vampires. Wooden steaks are for vegetarians."

Hadou

  • Guest
Re: All Wordpress Users...you might already know but just in case
« Reply #2 on: February 05, 2012, 04:23:34 pm »
Does this only apply to people running Wordpress sites on their own personal servers, or sites hosted on the main thingy.

Offline evilcandybag

  • of Fire
  • Global Moderator
  • Machinae Prime
  • *****
  • Posts: 3152
  • Karma: 66
  • Gender: Male
  • Armoured Tanks of Mass Destruction
Re: All Wordpress Users...you might already know but just in case
« Reply #3 on: February 05, 2012, 05:05:44 pm »
From what I gather, this applies to everyone using wordpress, but I guess using well known WP hosting solutions will make you a more likely target.

Things like this is why I don't let WP create any files by itself. Sure, I have to manually install and update addons and whatnot, but that's a small price to pay for covering a gaping hole in security.
"Actually, wooden stakes are for vampires. Wooden steaks are for vegetarians."