[wp-hackers] Hacked blogs
jason at intraffic.net
Thu Mar 26 16:51:06 GMT 2009
It is also worth noting that a security vulnerability in _any_ software running on the server with
the right permissions could inject code into a wordpress install.
On 26/03/2009 9:22 AM, Mike Schinkel wrote:
> I too fixed a site that had this iframe problem, but it was a v2.6 site. I know this was asked implicitly but let me ask again explicitly; is there any chance that these hacked sites shared any of the same plugins? As Mark Jaquith tweeted about recently, plugin as a group are generally not written with good security practices in mind; maybe there's a huge security hole in a shared plugin?
> -Mike Schinkel
> Custom Wordpress Plugins
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers