[wp-hackers] Recommendations for an affordable, SECURE, WordPress host
Patrick Laverty
patricklaverty at gmail.com
Thu Sep 5 18:50:01 UTC 2013
On Wed, Sep 4, 2013 at 5:24 PM, <marka999 at hushmail.com> wrote:
> I can tell from the logs one of their other customers exploited their
> server to access my theme files. My hosts response...we terminated the
> offending account.
Sounds like that host was vulnerable to the symlink hack. I don't know this
for a fact, but if accounts are not properly jailed off from each other,
this is certainly possible.
http://thecybersaviours.com/wordpress-hack-through-symlink-bypass
More information about the wp-hackers
mailing list