WordPress Download Server Compromised (2.1.1) – Get 2.1.2 NOW!

Use Netsparker


Some sneaky hacker got into the WordPress download server and placed a backdoor in the latest available version (2.1.1).

Luckily within a day someone reported the exploit to the WordPress team and they took the site down to investigate.

This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

If you downloaded 2.1.1 as soon as it came out it should be ok, but a few days after that the compromised version was available.

Do install 2.1.2 and upgrade ASAP just to be safe.

If your blog is running 2.1.1, please upgrade immediately and do a full overwrite of your old files, especially those in wp-includes. Check out your friends blogs and if any of them are running 2.1.1 drop them a note and, if you can, pitch in and help them with the upgrade.

If you are a web host or network administrator, block access to “theme.php” and “feed.php”, and any query string with “ix=” or “iz=” in it. If you’re a customer at a web host, you may want to send them a note to let them know about this release and the above information.

I’m thankful that the WordPress team has dealt with this situation so efficiently and professionally and it just gives me more faith in their team.

Good job WordPress!

Do make sure you let anyone using 2.1.1 know about this so they can upgrade ASAP.

This is just another lesson on why it’s important to check the md5 sum of files before using them..

Source: WordPress.org

Posted in: Exploits/Vulnerabilities, Hacking News, Web Hacking


Latest Posts:


dcipher - Online Hash Cracking Using Rainbow & Lookup Tables dcipher – Online Hash Cracking Using Rainbow & Lookup Tables
dcipher is a JavaScript-based online hash cracking tool to decipher hashes using online rainbow & lookup table attack services.
HTTP Security Considerations - An Introduction To HTTP Basics HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it.
Cangibrina - Admin Dashboard Finder Tool Cangibrina – Admin Dashboard Finder Tool
Cangibrina is a Python-based multi platform admin dashboard finder tool which aims to obtain the location of website dashboards by using brute-force, wordlists etc.
Enumall - Subdomain Discovery Using Recon-ng & AltDNS Enumall – Subdomain Discovery Using Recon-ng & AltDNS
Enumall is a Python-based tool that helps you do subdomain discovery using only one command by combining the abilities of Recon-ng and AltDNS.
RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.
NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.


Comments are closed.