[wp-hackers] wordpress theme script injection (hosted on dreamhost)
chip at chipbennett.net
Sun Oct 31 18:15:14 UTC 2010
Also, have you sent this report to security at wordpress.org (I think that's
the right address?). If there's any potential that it's a WordPress specific
vector - or even just WordPress being specifically targeted - they'll want
to know. But, as a previous comment indicated, it's probably a
non-WordPress-specific FTP-credential attack vector.
On Sun, Oct 31, 2010 at 10:07 AM, Mladen Adamovic <mladen.adamovic at gmail.com
> Hi guys,
> My wordpress software instance was repeatedly hacked ... running latest
> Wordpress source code and being hosted on Dreamhost.
> I don't know which exploit it did use and couldn't identify it, but it was
> adding the following code to my default theme footer.php:
> enc =
> dec = unescape(enc);
> I think I'll have to migrate to Blogger, since I couldn't identify exploit
> it did use.
> I wanted to drop you an email anyhow since identifying exploits is
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers