[wp-hackers] wp-trackbacks.php and SQL injection

Stefano steagl at people.it
Mon Jul 24 15:58:10 GMT 2006


My provider asked got a series of DDDOS attack and lot of theyr client
using WP gpot thpudsns of spam comments and resources get drawn by
this attack.

It says look likes that the wp-trackbacks.php files is called lot of
time to tempt a SQL injections adn to make SPAM

I really didin't made a deep search to find if the rpoblem is known
and related to an old WP version, just wondering if the problem is
known and if there is a solution already.

It's clear that nothing can be done about the thousands calls, just
wondering if there is a leak about secyrity in this file in previous
oor actual version.

Thanks.

-- 

Stefano Aglietti - StallonIt on IRCnet - ICQ#: 2078431
Email: steve at 40annibuttati.it steagl at people.it
Sites: http://www.40annibuttati.it (personal blog)
       http://www.wordpress-it.it (WordPress Italia)


More information about the wp-hackers mailing list