[wp-trac] [WordPress Trac] #60407: WP Starter Page is a source for HACKERS

WordPress Trac noreply at wordpress.org
Wed Jan 31 21:40:45 UTC 2024 

#60407: WP Starter Page is a source for HACKERS
------------------------------+-----------------------------
 Reporter:  dpmatlosz         |      Owner:  (none)
     Type:  feature request   |     Status:  new
 Priority:  normal            |  Milestone:  Awaiting Review
Component:  Build/Test Tools  |    Version:  6.4.3
 Severity:  critical          |   Keywords:  dev-feedback
  Focuses:  privacy           |
------------------------------+-----------------------------
 I am convinced that the WP starter page, with the BOLG option is the
 source for all and any hacker to hack a site.  Prove me wrong:  Example, I
 have had my website online for 20 years, I have used several different
 website dev. Apps.  I have never been hacked.
 After setting up WP on my sites;  3 to be exact, I soon started to get
 spam emails from the comment section of the blog.
 I am not a website programmer, btw,  I had no idea where these comments.
 were being submit, I looked at the pages on my dashboard and there was
 nothing there.  I kept looking, granted not a lot because it didn't
 concern me. But the SPAM was annoying and often inappropriate.
 Eventually when my site(s) were hacked and shut down, I found the hidden
 blog page, and deleted it.  Because my sites were shut down this was a
 challenge.  I still continued to get SPAM even after shutting down the
 blog comment page.  My other 2 sites were still getting comments.  It took
 a bit of sleuthing to find this hidden blog page on each site, You cant
 edit it either,  WP has embedded the comment section.  Eventually I
 deleted them all, but I still had 3 hacked sites.  recently I deleted one
 of the site and reinstalled WP.  And guess what, even though I though I
 deleted the WP Blog page, I started to immediately get SPAM and the site
 was hacked.  OK point being  SHUT DOWN THE AUTOMATICALLY AND HIDDEN BLOG
 PAGE, SHUT DOWN THE COMMENTS UNLESS YOUR POINT IS FOR US TO GET HACKED!!!
 I AM CONVINCED THIS IS A SERIOUS PROBLEM THAT YOU HAVE TO FIX.   Your
 welcome to drop me an email, that hopefully isnt spam, to let me know you
 are fixing this gateway for hackers.  Thanks Jimmy

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/60407>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list