WordPress › Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2

March 2, 2007

WordPress 2.1.1 dangerous, Upgrade to 2.1.2

By Matt. Filed under Releases.

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

This is the kind of thing you pray never happens, but it did and now we’re dealing with it as best we can. Although not all downloads of 2.1.1 were affected, we’re declaring the entire version dangerous and have released a new version 2.1.2 that includes minor updates and entirely verified files. We are also taking lots of measures to ensure something like this can’t happen again, not the least of which is minutely external verification of the download package so we’ll know immediately if something goes wrong for any reason.

Finally, we reset passwords for a number of users with SVN and other access, so you may need to reset your password on the forums before you can login again.

What You Can Do to Help

If your blog is running 2.1.1, please upgrade immediately and do a full overwrite of your old files, especially those in wp-includes. Check out your friends blogs and if any of them are running 2.1.1 drop them a note and, if you can, pitch in and help them with the upgrade.

If you are a web host or network administrator, block access to “theme.php” and “feed.php”, and any query string with “ix=” or “iz=” in it. If you’re a customer at a web host, you may want to send them a note to let them know about this release and the above information.

Thanks to Ryan, Barry, Donncha, Mark, Michael, and Dougal for working through the night to figure out and address this problem, and thanks to Ivan Fratric for reporting it in the first place.

Questions and Answers

Because of the highly unusual nature of this event and release, we’ve set up an email address 21securityfaq@wordpress.org that you can email questions to, and we’ll be updating this entry with more information throughout the day.

Is version 2.0 affected?

No downloads were altered except 2.1.1, so if you’ve downloaded any version of 2.0 you should be fine.

What if we update from SVN?

Nothing in the Subversion repository was touched, so if you upgrade and maintain your blog via SVN there is no chance you downloaded the corrupted release file.

« New Releases: 2.1.1 and 2.0.9 WordPress at SxSW »

795 Pings

RSS feed for comments on this post. TrackBack URI

[...] Wer gerade nichts zu tun hat, kann ja mal wieder sein Wordpress updaten. [...]

Pingback from Langeweile, anyone? » Missis Notizblock on March 2, 2007
[...] has just announced that recent .zip and tar.gz download packages of Wordpress contains an exploit. A cracker managed [...]

Pingback from Wordpress Security Exploit Announced - Version 2.1.2 available to download | Cormac Moylan on March 2, 2007
[...] You can read the details of this update here. [...]

Pingback from Wordpress 2.1.2 Just Released : Refueled Dot Net on March 2, 2007
[...] Wordpress 官方的号召，尽量通知用 Wordpress 的朋友：Wordpress 2.1.1 [...]

Pingback from WP 2.1.1 危险，赶快升级！ | 巧克力工厂 (Beta5) on March 2, 2007
[...] please go and upgrade your blogs right now if you are using WordPress 2.1.1. As Matt outlines, a hacker managed to gain access to the Automattic server with the file downloads and modified core files. The entire 2.1.1 version has been declared [...]

Pingback from EMERGENCY: WordPress 2.1.1 Hacked, Upgrade Released » Technology, Blogging and New Media on March 2, 2007
[...] n’est pas moi qui le dit mais Matt de WordPress. N’hésitez pas, passez à WordPress 2.1.2 aujourd’hui. Pour ma part, je prévois passer à Drupal mais je ne sais pas trop quand je pourrai, alors entre [...]

Pingback from IM2 | OQP » Autre jour, autre mise à jour on March 2, 2007
[...] is from the WordPress development blog and worth noting if you run WordPress as your blog software: Long story short: If you downloaded [...]

Pingback from Why Dont You Blog? : Wordpress Security Problem on March 2, 2007
[...] WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from Just my luck!! at Jonesieblog on March 2, 2007
[...] press release from Wordpress came today: ” If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from important Wordpress news at Daily.Phirebrush on March 2, 2007
[...] Хакер получил доступ к главному серверу wordpressа, и поменял файлы последнего релиза, добавив туда backdoor, позволяющий исполнять на серверах с wordpress 2.1.1 произвольный php-код. [...]

Pingback from Val Petruchek » Почему WordPress — гавно. Часть вторая. on March 2, 2007
[...] You can read more on the dev blog: WordPress 2.1.1 dangerous, Upgrade to 2.1.2. [...]

Pingback from CompuSkills Web Design Service » Blog Archive » Wordpress Upgrade Needed on March 2, 2007
WordPress 2.1.1 es peligroso. Upgrade!

Si descargaste WordPress 2.1.1 hace 3-4 dias, los archivos pueden incluir un exploit de seguridad que ha sido añadido por un cracker, y debes actualizar todos los archivos a 2.1.2 inmediatamente.

Trackback from meneame.net on March 2, 2007
[...] Malicious Destruction And other shiny objects in the world. http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from http://wordpress.org/development/2007/03/upgrade-212/ on March 2, 2007
[...] wie der schadhafte Code aufgefallen und vor allem in den Release integiert werden konnte ist im Development Blog zu finden. Die Entwickler von Wordpress geloben aber Besserung, so dass solch ein Vorfall sich [...]

Pingback from Gefährliche Sicherheitslücke in Wordpress 2.1.1 | Bloganbieter.de Blog on March 2, 2007
Wordpress Update 2.1.2

Trackback from functional bytes blog on March 2, 2007
[...] Actualización: Todo el que use WP 2.1.1 que actualice inmediatamente a la nueva versión 2.1.2 . Se ha detectado un importante fallo de seguridad inducido por un hacker. [...]

Pingback from Actualización Efecte-d. Wordpress, plugins, temas, hacks … at Efecte-D on March 2, 2007
[...] wordpress inizi 2.1.2 versiyonuna ��karman�z. Yoksa bu a��ktan etkilenebilirsiniz Ayr�nt�l� bilgi WordPress › Blog � WordPress 2.1.1 dangerous, Upgrade to 2.1.2 Buradan indirebilirsiniz. http://wordpress.org/latest.zip __________________ BEN MEVLANA DE��L�M [...]

Pingback from WordPress 2.1.1 'de B�y�k A��k Acilen G�ncelleyin - Webmaster Zone on March 2, 2007
[...] know that WP 2.1.1 — the version this blog was running up until a few minutes ago — was apparently tainted. Sheesh! Say, Matt, since you Wordpress folk are fixing things today how about we make TinyMCE work [...]

Pingback from Wordpress 2.1.1 tainted » Ryan Block on March 2, 2007
[...] descritto qui un cracker ha aggiunto un security exploit modificando i file di WordPress 2.1.1, è indispensabile [...]

Pingback from » Gravissimo problema di sicurezza in WordPress 2.1.1 - Parole in rete on March 2, 2007
[...] For further details see the WordPress Blog [...]

Pingback from WordPress 2.1.1 Users - Important Update on March 2, 2007
[...] avete aggiornato negli ultimi 3 o 4 giorni. C’è stata un’intrusione in un server di WordPress.org, ed un cracker ha uploadato una versione modificata dei files di installazione. Basta scaricare la [...]

Pingback from Andrea Beggi » Aggiornate subito WordPress! on March 2, 2007
[...] sure you download the update right away and patch your installation. If you have any information on how this happened, Wordpress [...]

Pingback from Upgrade Immediately to Wordpress 2.1.2! | Stephen Fung DOT NET on March 2, 2007
[...] caught wind of this about 20 minutes ago but wanted to upgrade my blog before I posted about it. So, now my WordPress [...]

Pingback from Cocoa Crusty » Blog Archive » WordPress Download 2.1.1 Compromised on March 2, 2007
[...] include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 [...]

Pingback from Dietro è la casa, davanti a noi il mondo... - di Matteo Villani » Blog Archive » WordPress 2.1.2 on March 2, 2007
[...] in the 2.1.1 archive were cracked and contains malicious code. If you are running Wordpress, please download that upgrade now and patch your installations. If you downloaded 2.1.1, trash it right away and do not use it. [...]

Pingback from Wordpress Users: Update to 2.1.2 Immediately » MEGATechNews :: Mega Techie Goodness For the Masses on March 2, 2007
[...] [Wordpress Blog] [...]

Pingback from TasSense » ***URGENT*** : Upgrade to WordPress 2.1.2 on March 2, 2007
[...] http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from geschonneck.com » Wordpress 2.1.1 with backdoor on March 2, 2007
[...] than an hour old: Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include… Upgrade on this site in [...]

Pingback from This Just In: WordPress 2.1.1 dangerous! at raincontreras.com on March 2, 2007
[...] cow badness: WordPress 2.1.1 dangerous, Upgrade to 2.1.2 Trackback Friday, March 2, 2007 [...]

Pingback from Holy cow badness: WordPress 2.1.1 dangerous, Upgrade to 2.1.2 - Justinsomnia on March 2, 2007
[...] WordPress crew have announced that the WordPress 2.1.1 download got cracked by an unnamed attacker who injected some code that would allow remote code execution. I’m glad I [...]

Pingback from Yikes! WordPress Hacked! » Yabfog on March 2, 2007
[...] http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from WordPress 2.1.2发布 at LIVE on March 2, 2007
[...] you upgraded to 2.1.1 recently immediately go here site and download [...]

Pingback from [This Savage Art] » WordPress 2.1.1 Security Risk on March 2, 2007
[...] http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from WordPress 2.1.2! �� ! | �� on March 2, 2007
[...] Anyone who previously upgraded to WordPress 2.1.1 should upgrade to WordPress 2.1.2 immediately. Here’s more info. This morning we received a note to our security mailing address about unusual and highly [...]

Pingback from Laughing Squid » Alert, Upgrade To WordPress 2.1.2 on March 2, 2007
[...] an hour ago Wordpress released news that part of their internal structure has been penetrated by a hacker whom embedded a possibility [...]

Pingback from In Fire We Trust » Blog Archive » Hack in Wordpress on March 2, 2007
[...] poco más de una hora Matt (desarrollador de WordPress) ha informado de código malicioso en WordPress 2.1.1. Recomienda actualizar URGENTEMENTE a la nueva versión [...]

Pingback from Punto y seguido… » Blog Archive » ¡Actualización URGENTE a WordPress 2.1.2! on March 2, 2007
[...] seems that Wordpress 2.1.1 contained malicious code due to a compromise of one of Wordpress’s download servers. I just finished upgrading to [...]

Pingback from Small Eyes, Big Mouth · Another Another Upgrade on March 2, 2007
[...] WordPress 2.1.1 dangerous, Upgrade to 2.1.2 (Wordpress.org) [...]

Pingback from apakuni.com » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 on March 2, 2007
[...] Read the full announcement on wordpress.org. [...]

Pingback from Upgrade to WordPress 2.1.2 now « moeffju.net on March 2, 2007
WordPress Server gehackt. Dangerous Update 2.1.2. verfügbar

Autsch. Jetzt werden die WordPress Updates schon mit dangerous deklariert. Was hat es damit auf sich?
Offensichtlich ist es einem Hacker, der scheinbar gerade nichts Besseres zu tun hatte, gelungen, sich Zugriff zum WordPress-Server zu verschaffen und …

Trackback from fob marketing on March 2, 2007
[...] seems that the WordPress development team inadvertently allowed a hacker into their midst and he/she included some unauthorized (and potentially dangerous) [...]

Pingback from Site maintenance - Phase 3 - The Space Elevator Blog on March 2, 2007
Peligro! Wordpress 2.1.1 crackeado

Desde la web de Wordpress nos informan que la versión 2.11 fue crackeado desde hace unos 3, 4 días por un cracker quien agrego un Exploit dentro de los archivos.

Trackback from Fresqui.com on March 2, 2007
[...] ダウンロード WordPress › Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2より [...]

Pingback from WordPress 2.1.1は危険です、2.1.2にアップグレードしてください on March 2, 2007
[...] Blog de WordPress [...]

Pingback from Blog no oficial de DreamHost » Archivo » Actualización WordPress y MediaWiki on March 2, 2007
[...] security announcement for WordPress users who have updated to version 2.1.1: the download file for 2.1.1 was apparently cracked to include a security exploit. If your WordPress site is running 2.1.1 and you obtained that version from any source other than [...]

Pingback from Sliding Constant » WordPress 2.1.1 has dangerous hole on March 2, 2007
[...] from here: Wordpress 2.1.1 Dangerous, Upgrade Download 2.1.2 here: Wordpress » [...]

Pingback from Joiz and the Angels Lair » Warning! For My WP Blogging Friends! on March 2, 2007
[...] at night when I had logged to my blog I saw the news from WordPress.org that a hacker attacked WordPress server and published modified version of original code. Well, no [...]

Pingback from 2000 Bloggers - » ATTENTION: WordPress 2.1.1 dangerous! on March 2, 2007
[...] Aggiornate subito WordPress!: Se avete aggiornato negli ultimi 3 o 4 giorni. C’è stata un’intrusione in un server di WordPress.org intrusione in un server di WordPress.org, ed un cracker ha uploadato una versione modificata dei [...]

Pingback from FreeUser.Org » Wordpress 2.1.1 hacked - Aggiornate on March 2, 2007
[...] details can be found at the Wordpress Development Blog which explains the problem and what you could do to help [...]

Pingback from Footsteps in the Mirror » Attention: Massive Wordpress 2.1.1 Exploit. Upgrade To 2.1.2 on March 2, 2007
[...] Para una explicación mas detallada date una vuelta por el post oficial. [...]

Pingback from GDR Network » Advertencia: Wordpress 2.1.1 es Peligroso on March 2, 2007
升級 WordPress 2.1

今天終於把部落格升級了，順便也把一干軟體統統升級個夠…

mysql 4.1.21 升級 5.0.27
php 4.4.4 升級 5.2.0
apache 2.0.59 升級 2.2.4
activeperl 5.8.7 升級 5.8.8 (這不是WordPress必要的)

WordPress 由 1.5.2 升級…

Trackback from 精神奕奕 on March 2, 2007
Wordpress 2.1.1 gecrackt!

Wie die Wordpress-User ihrem Tellerrand entnehmen können, wird die kürzlich zum Download freigegebenen Update-Version 2.1.1 als gefährlich eingestuft! Ein Cracker hat sich wohl auf dem Wordpress-Server zu schaffen gemacht und die Downloa…

Trackback from BassFireBlog on March 2, 2007
[...] WordPress.org experienced a security-related problem in the last few days. If you’ve downloaded WordPress 2.1.1, you better upgrade to WordPress 2.1.2 now. For more information, read this blog post. [...]

Pingback from Cyprus Blog Network / Upgrade your WordPress to 2.1.2 now! on March 2, 2007
[...] 2.1.1 then you should immediately upgrade to 2.1.2. A dangerious warning has been issued by WordPress in regards to [...]

Pingback from BlueFur.com » Update WordPress 2.1.1 Immediately on March 2, 2007
[...] Read more here. [...]

Pingback from Peter Upfold » Blog Archive » All WordPress 2.1.1 users upgrade now - serious security issue on March 2, 2007
[...] Wordpress 2.1.1 Update hat ein böser Cracker bösen Code eingebaut, also fluxifluxi mal schnell auf 2.1.2 updaten und auf guten Code [...]

Pingback from daniel.hirngespinst.net » Blog Archiv » Wordpress 2.1.2 on March 2, 2007
[...] [Fonte Wordpress.org] [...]

Pingback from Aggiornamento critico per Wordpress » StormedBrains on March 2, 2007
[...] appena stato reso noto che i file della versione 2.1.1 di WordPress sono stati manomessi qualche giorno fa da un cracker. [...]

Pingback from Attacco cracker: upgradate a Wordpress 2.1.2! at Boliboop on March 2, 2007
[...] I got a scary message when I logged in to the dashboard of one of my blogs tonight to say that the upgrade to Wordpress [...]

Pingback from Urgent Wordpress Upgrade - 2.1.2 » Vexentricity on March 3, 2007
[...] you have a Wordpress blog, and you upgraded it to 2.1.1 within the last few days, you need to run over and update it 2.1.2 asap. Seems there was a dangerous exploit in 2.1.1 that would blow up the [...]

Pingback from kirktastic » Blog Archive » Public Service Announcement on March 3, 2007
[...] Wordpress.com’s Blog is reporting that Wordpress 2.1.1 installations from the past few days are not secure. Apparently their server was hacked and the Wordpress master files were changed to open up a [...]

Pingback from arghyle » Blog Archive » Dangerous! Wordpress 2.1.1 on March 3, 2007
[...] Update Note: If you’re a WordPress user and are using version 2.1.1 it is crucial that you upgrade to the latest version (2.1.2) - particularly if you upgraded in the last 3-4 days. The reason is that there has been a hacker compromise that version and add/change code. See details here. [...]

Pingback from WordPress 2.1.2 now available for download : Meandering Passage on March 3, 2007
[...] was a new release put out by WordPress.org today due to a potential security exploit for anyone that downloaded [...]

Pingback from WordPress 2.1.1 Dangerous » My New Choice on March 3, 2007
[...] 網路服務網際網路資訊科技請快升級至 WordPress 2.1.2 March 3rd, 2007 這是由 WordPress 官方發出來的消息，簡單地說就是 3 至 4 天前，WordPress 供人下載的 WordPress 2.1.1 裡面有檔案被 [...]

Pingback from ericsk’s blog » 請快升級至 WordPress 2.1.2 on March 3, 2007
[...] is a post about this on WordPress.org’s Development Blog: This morning we received a note to our security mailing address about unusual and highly [...]

Pingback from Important: Upgrade to WordPress 2.1.2 by Blogging Pro on March 3, 2007
[...] http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from Il blog di Gas ® » Hanno fregato Wordpress » Blog Archive on March 3, 2007
[...] Read this notice on Wp [...]

Pingback from Wordpress 2.1.1 upgrade it asap! » gh3log on March 3, 2007
WordPress Hacked, Upgrade NOW

If you were an early adopter and upgraded your WordPress installation to version 2.1.1 you might be running with a severe vulnerability. A cracker got access to the file and edited the code to allow for exploits. Matt has the rest. You can get the down…

Trackback from PaulStamatiou.com on March 3, 2007
[...] completa en wordpress.org, descargar 2.1.2, [...]

Pingback from Wordpress 2.1.1 Crackeado « Liamngls on March 3, 2007
[...] So kepada sesaper yang baru upgrade ke version 2.1.1 dalam 3-4 hari lepas, sila upgrade ke 2.1.2 secepat mungkin atau kemungkinan website anda akan menghadapi [...]

Pingback from WordPress 2.1.1 dangerous, Upgrade to 2.1.2 : Eizil.com | Where Information So Valuable on March 3, 2007
[...] If you’re using Wordpress 2.1.1, upgrade to 2.1.2 IMMEDIATELY! Share and Enjoy: These icons link to social bookmarking sites where readers can share and [...]

Pingback from The Marmot’s Hole » Upgrade to WP 2.1.2 NOW!!!! on March 3, 2007
[...] Matt acaba de anunciar hace dos hora el lanzamiento de la nueva versión de Wordpress 2.1.2 que, según dice, permanecer en la versión 2.1.1 es muy peligroso debido a un problema grave de seguridad. [...]

Pingback from Wordpress 2.1.2 (actualizar urgente) | PuntoGeek on March 3, 2007
[...] Die Jungs und Mädels haben schnell reagiert und kurzerhand eine bereinigte Version raus gebracht. Mehr Infos dazu gibt es auch bei denen selbst. [...]

Pingback from Web Zeiger on March 3, 2007
[...] Read full story [...]

Pingback from Wordpress 2.1.1 - Dangerous Download » JaypeeOnline on March 3, 2007
[...] 2.1.2 has officially been released and contains a few security fixes. If you are using WordPress 2.1.1, it is extremely important you update immediately. Download the [...]

Pingback from SDAC Inc: WordPress Update: 2.1.2 on March 3, 2007
Upgrade immediately to Wordpress 2.1.2

If you haven’t heard already, Wordpress’s production server got hacked a couple days ago, and they discovered it today. The cracker put a backdoor into some of the administrative files.
Anyway, it’s been fixed in the newest release, s…

Trackback from The Flow of Consciousness on March 3, 2007
[...] all open-source community troubles with hackers happened on a regular basis, but this time, such software as a Wordpress was affected, which has [...]

Pingback from Wordpress and open-source community problems on March 3, 2007
[...] WordPress › Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from WordPress 2.1.2 リリース at orioa on March 3, 2007
[...] 3, 2007 at 12:24 am · Filed under Uncategorized Wordpress 2.1.1 Security Hole Leaves Blogs Wide Open A hacker managed to sneak into the Wordpress server and modify the code in the 2.1.1 release, [...]

Pingback from Wordpress 2.1.1 Security Hole Leaves Blogs Wide Open « Tons of Fresh News on March 3, 2007
[...] It was quite a surprise to see that the Wordpress development blog were declaring that their latest release was dangerous. Turns out someone was messing with the original code of our beloved blogging software. Thank goodness for the swift work and dedication of the Wordpress team in providing a newer version. If you installed version 2.1.1 (unlike me, I’m just too lazy) then download 2.1.2 now! [...]

Pingback from Friday’s News: Gack Ink Round 2 And Wordpress Troubles :: Unintentionally Blank on March 3, 2007
[...] http://wordpress.org/development/2007/03/upgrade-212/ Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from WordPress 2.1.1 dangerous, Upgrade to 2.1.2 » Ask Shane.org on March 3, 2007
[...] blocked “theme.php” and “feed.php”, and any query string with “ix=” or “iz=” in it.read more | digg [...]

Pingback from Living in the Whine Country » Archive » ALERT: Wordpress 2.1.1 Security Hole on March 3, 2007
[...] Anda harus upgrade kesemua fail-fail anda ke 2.1.2 secepat mungkin, desak Matt melalui WordPress Dev blog. Hanya efek kepada mereka yang memuat-turun fail WordPress melalui halaman WordPress Download (dalam lingkungan 2-3 hari yang lalu) dan tidak melalui SVN. [...]

Pingback from WordPress 2.1.1 Merbahaya on March 3, 2007
[...] Breaking news. If you use WordPress 2.1.1 (like we did until very recently) you’ll want to read this. [...]

Pingback from Ambersail Infosec Roundup » Blog Archive » WordPress 2.1.1 Is Dangerous. Upgrade Now. on March 3, 2007
[...] They’ve done it again. I really like WP but this is getting out of hand. Two hours ago they released a public statement warning users that version 2.1.1 has a dangerous security hole and an immediate upgrade is [...]

Pingback from Delirium Propaganda » Blog Archive » Wordpress upgrade, yet again!!! on March 3, 2007
[...] Wer Wordpress in den letzten Tagen gedownloadet hat ist möglicherweise betroffen. Das Update wird dringend empfohlen [...]

Pingback from Toms Area-X Blog » Blog Archiv » Cracker manipuliert Wordpress-Code on March 3, 2007
[...] | Wordpress Enlace | [...]

Pingback from Ya disponible Wordpress 2.1.2 - Actualización de Urgencia on March 3, 2007
[...] warning on your dashboard, but in case you haven’t the news is that the latest version has been compromised by a dirty [...]

Pingback from Science Fiction Robots » Archive » WordPress Hacked, Danger Will Robinson! on March 3, 2007
[...] 2 часа е излезнала новината за нова версия на Wordpress. Този път по [...]

Pingback from И бира » Blog Archive » Upgrade to 2.1.2 on March 3, 2007
[...] 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. Longer explanation: This morning we received a note to our [...]

Pingback from urks.de // reloaded » wordpress v2.1.1 warnung - exploit gefahr on March 3, 2007
Wordpress 2.1.1 dangerous…

Not only is WordPress 2.1.1 dangerous, it is set to explode. After releasing WP 2.1.1, someone hacked the WP.org servers, adding a security hole to the release. The folks at WP immediately responded by removing the malicious code and releasing WP 2…

Trackback from A Soldier's Mind on March 3, 2007
[...] Cracker inserts security exploit code into WordPress 2.1.1, people advised to upgrade immediately to WordPress 2.1.2. [...]

Pingback from Bunch of Notes « Silverie on March 3, 2007
[...] If you’re using 2.1.1, read this now. [...]

Pingback from kev » wordpress 2.1.1 bad. upgrade now. on March 3, 2007
[...] ideale, vi allieto riportandovi il fatto che il blog dei Molesti è stato aggiornato alla versione 2.1.2 di [...]

Pingback from NerdMolesto in action » molesti.com :: Founded AD MCMXCIX on March 3, 2007
[...] WordPress.org: March 2, 2007 WordPress 2.1.1 dangerous, Upgrade to 2.1.2 By Matt. Filed under [...]

Pingback from I See Invisible People » Wordpress Alert on March 3, 2007
[...] Read more at the WordPress site. If you’re running anything older than v2 you might want to consider upgrading too. [...]

Pingback from Paul, Kerri and The Boys » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 on March 3, 2007
[...] THIS IS A VERY IMPORTANT ANNOUNCEMENT! (Not Joomla Related!) [...]

Pingback from » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 » Joomla Components Extensions Blog on March 3, 2007
[...] had to update my blog because some idiot decided to screw with the latest release. I hate stuff like this. I bet that guy is feelings pretty good right [...]

Pingback from Nothing Concept :: Blog :: Scurry, scurry on March 3, 2007
[...] WordPress 2.1.1 Dangerous, Upgrade [...]

Pingback from Macitreal - Wordpress hacked on March 3, 2007
[...] probably affects a *very* small part of our audience, but it’s worth passing along: WordPress 2.1.1 dangerous, Upgrade to 2.1.2. Apparently, a cracker got access to a server and “tweaked” a couple of files. Full [...]

Pingback from Innovation in College Media » Blog Archive » PSA: WP 2.1.1 upgrade hacked; 2.1.2 available on March 3, 2007
[...] just in from wordpress: Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from Wordpress 2.1.1 could be hacked : BlissLogs on March 3, 2007
[...] Zitat wordpress.org: Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. [...]

Pingback from iKA’s Blog » Wichtiges Update auf Wordpress 2.1.2 on March 3, 2007
[...] clipped from wordpress.org [...]

Pingback from Scott-O-Rama » WordPress 2.1.1 Dangerous, Upgrade Immediately on March 3, 2007
[...] just got THIS popup in my RSS reader, Google Reader Long story short: If you downloaded WordPress 2.1.1 within [...]

Pingback from Wordpress.org hacked/cracked at B L O G . M A C C A R O C K S . C O M on March 3, 2007
[...] 詳情請見官網消息：WORDPRESS 2.1.1 DANGEROUS, UPGRADE [...]

Pingback from Morton’s Weblog » Blog Archive » Wordpress 2.1.1 遭駭客置入 exploitable code on March 3, 2007
[...] you downloaded and installed the recent 2.1.1 version of WP, it is critical that you upgrade to 2.1.2 immediate. Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from Urgent note for others running WordPress » Home of the Soul Cookie on March 3, 2007
[...] 有更新到 WP 2.1.1 的人請趕快升到 2.1.2 請見官方公告 [...]

Pingback from 太空猴子::SpaceMonkey » 危險危險 WP 2.1.1 on March 3, 2007
[...] 2.1.1 was hacked, anyone who’s downloaded it in the last 3-4 days should download version 2.1.2 immediately. [...]

Pingback from Circle Six Blog » Blog Archive » Worpress 2.1.1 Hacked on March 3, 2007
[...] If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. |Read more| [...]

Pingback from The Voyager - » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 on March 3, 2007
[...] parecen nuevos, al personal de Wordpress.org les han inflitrado codigo a su ultimo release (Wordpress 2.1.1), ahora todos… a actualizar de [...]

Pingback from 512 Megas » Novatada a Wordpress.org on March 3, 2007
[...] From WordPress.org: [...]

Pingback from Mario’s multimedia… » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 on March 3, 2007
[...] http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from Peter’s Blog » Blog Archive » WordPress 2.1.1 Dangerous on March 3, 2007
[...] Wordpress 2.1.1 is Dangerous, Critical Flaw Found [...]

Pingback from cdharrison.com » Critical Wordpress Update on March 3, 2007
[...] [...]

Pingback from WordPress Francophone » Sortie de WordPress 2.1.2 : Mise à jour de sécurité majeure on March 3, 2007
[...] from WordPress.org: Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from Eli Burford » Blog Archive » WordPress 2.1.2 - They just keep on coming. on March 3, 2007
[...] http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from blog.emerick.org » upgrade to 2.1.2 on March 3, 2007
[...] this week I upgrade the backend to the latest version of Wordpress 2.1.1. Today Wordpress announced that a hacker had inserted a remote PHP exploit into the code and recommended everyone to upgrade [...]

Pingback from DanLin.net » Wordpress 2.1.1 security flaw found and patched on March 3, 2007
[...] el blog de desarrolo de WordPress nos informan de que si has descargado WordPress 2.1.1 durante los 4-5 días pasados, es muy [...]

Pingback from WeblogToolsCollection Español » Blog Archive » Atención: actualiza a WordPress 2.2 YA on March 3, 2007
[...] leitura do artigo sobre o assunto � altamente [...]

Pingback from Wordpress 2.1.2 :: bernabauer.com - Noticias de Tecnologia todos os dias. on March 3, 2007
[...] Wordpress has deemed the entire release as dangerous. You can download the patched version here. http://wordpress.org/download and you can get the full stoty here. http://wordpress.org/development/2007/03 [...]

Pingback from The Truth About Internet Marketing » WordPress 2.1.1 Security Flaw on March 3, 2007
[...] saw an announcement on the dashboard that the latest version of WordPress (version 2.1.1) had been classified as Dangerous and the download and the server it was stored on had been taken down and everyone who recently [...]

Pingback from Just Thinkin’ » Blog Archive » Everything Went Down–What a Day! on March 3, 2007
[...] Obširnejši opis varnostne luknje. [...]

Pingback from Mario’s thing… » WordPress 2.1.2 - nujna nadgradnja! on March 3, 2007
[...] 剛剛發佈緊急公告，指出由於其中一台提供下載的 server 被駭客入侵，在先前發佈的 2.1.1 [...]

Pingback from stOOrz » WordPress 2.1.2 released on March 3, 2007
[...] those running WordPress 2.1.1, this is an urgent upgrade available due to a critical security flaw. Overwrite your old WP files as soon as [...]

Pingback from Hari’s Corner » Urgent message to WordPress users on March 3, 2007
[...] is the first time I did upgrade so fast. The event is here. I checked the files are on 2/26, so my blog should be safe. But I don’t want to take the [...]

Pingback from Living Better BLOG » Emergency Upgrading to WordPress 2.1.2 on March 3, 2007
[...] of the week:) (fake smily) You might wan to upgrade to 2.1.2 if you’re using the 2.1.1. And here is the link to the news on what happened that causes this security [...]

Pingback from Searchtified.com » Blog Archive » *phew…Just updated to WP 2.1.2 on March 3, 2007
[...] doubt this news will be all over before the day is out, but it is worth spreading this announcement all the same. [...]

Pingback from A Mind @ Play » Wordpress 2.1.1 vulnerability on March 3, 2007
[...] Source: WordPress blog [...]

Pingback from //beconfused » Blog Archive » Upgrade to WordPress 2.1.2 on March 3, 2007
[...] upgrade files for 2.1.2 Because of the highly unusual nature of the security breach at wordpress.org that resulted in the zip and tar.gz for WordPress 2.1.1 having malicious code [...]

Pingback from No upgrade files for 2.1.2 « Mark on WordPress on March 3, 2007
[...] Read more about Wordpress Upgrade [...]

Pingback from Wordpress 2.1.2 update is released at Petes Blog on March 3, 2007
[...] 進行更新! [延伸閱讀]： - WordPress 官網: WordPress 2.1.1 Dangerous,Upgrade - WordPress 2.1.2 [...]

Pingback from 淘寶達康 beta 2.0 » Blog Archive » 緊急更新WordPress 2.1.2 on March 3, 2007
[...] as soon as I move up to 2.1.1 of course they discover an exploit. Here is more on the story from Wordpress. Luckily though for once I actually read the Dashboard when I started up the Admin screen and saw [...]

Pingback from Life Is Risky » Blog Archive » Alert! WordPress 2.1.1 dangerous, Upgrade to 2.1.2 on March 3, 2007
[...] enero se liberaba WP 2.1; hace apenas 10 días aparecía la versión 2.1.1… y ya tenemos la versión 2.1.2. Está claro que WordStress no está hecho para espíritus sensibles al sobresalto. Por un lado, [...]

Pingback from Mangas Verdes » Sorpresa, sorpresa… ya esta aquí WordPress 2.1.2 on March 3, 2007
[...] WordPress 2.1.1 dangerous, upgrade [...]

Pingback from Webmaster Libre | WordPress 2.1.2 ¿pero qué está pasando? on March 3, 2007
[...] being a fan and user of WordPress here is some pretty big news from the Official WordPress blog, WordPress 2.1.1 Dangerous, Upgrade: This morning we received a note to our security mailing address about unusual and highly [...]

Pingback from Everybody Knows » Blog Archive » Urgent Upgrade Notice - WordPress 2.1.1 on March 3, 2007
[...] like a hacker managed to sneak an exploit into the WordPress 2.1.1 blogging software. If you downloaded it within the past few days your files may include a security [...]

Pingback from stefpause.com » Blog Archive » Security exploit in WordPress 2.1.1 on March 3, 2007
[...] Their story is: WORDPRESS 2.1.1 DANGEROUS, UPGRADE [...]

Pingback from Untwisted Vortex - Living in a Different Land » Upgrade to WordPress Version 2.1.2 Right Now! on March 3, 2007
[...] read this announcement immediately if you’ve updated to 2.1.1 within the last few days. It’s quite likely you [...]

Pingback from Digital Ramble » Blog Archive » attention all WordPress 2.1.1 upgraders… on March 3, 2007
[...] very important security issue with WordPress 2.1.1 was just announced a few hours [...]

Pingback from britton blog - an american student in galway, ireland » Important: WordPress 2.1.1 is a Security Threat on March 3, 2007
[...] they are saying Wordpress 2.1.1 is dangerous: Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from import this. » Blog Archive » WP 2.1.1 security issue on March 3, 2007
[...] 今天早上看到官方的消息，在之前服务器被黑客登录并修改了WP2.1.1中的两个文件，以方便黑客获取服务器管理权限。官方的人认为整个2.1.1都是不安全的，需要立即更新到2.1.2，并且将新文件全部覆盖那些旧的。 [...]

Pingback from 凡人弄 : Blog Archive : WP2.1.1遭遇CRACK，紧急更新 on March 3, 2007
[...] WordPress— [...]

Pingback from OpinionBug.com » WordPress 2.1.1 Compromised By Cracker on March 3, 2007
[...] you have already upgraded to Wordpress 2.1.1, your site might include code for letting someone else control your blog, that was added in a break in. There is a new release available that removes the malicious code. [...]

Pingback from Red Alert: Upgrade Wordpress To 2.1.2 on iface thoughts on March 3, 2007
[...] If you’ve downloaded the release version of 2.1.1 (e.g. the .zip or .tar.gz version of the fil…upgrade to the new release pronto. [...]

Pingback from ShadowLife » Blog Archive » Wordpress 2.1 release source compromised on March 3, 2007
[...] y como indican en la web de Wordpress, parece ser que algun cracker graciosillo les ha entrado en el servidor y les ha modificado los [...]

Pingback from Actualización urgente de Wordpress 2.1.1 a 2.1.2 at luigix.com on March 3, 2007
赶紧更新WP 2.1.1

如果你前几天刚更新WP到2.1.1,那么请赶紧升级吧.
WP服务器被黑,里面被黑客加入了可以远程执行的代码.

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security expl…

Trackback from 赵明亮.你太有才了! on March 3, 2007
[...] Related Links: - WordPress 2.1.1 dangerous, Upgrade [...]

Pingback from Rxbbx Blog Wordpress 2.1.2 on March 3, 2007
[...] og der er tale om en ikke-planlagt opdatering. Helt uhørt har en hacker været så uvenlig at lave noget kode om i version 2.1.1 på WordPress.org inden for de sidste dage. Den danske version skulle dog ikke være blevet [...]

Pingback from WordPress 2.1.2 er udgivet at WordPress DK on March 3, 2007
[...] 雖然說升級是上禮拜的事情，收到消息說 WordPress 2.1.1 下載檔案被 cracker 放東西進去，可能有安全性疑慮，請大家升級到 2.1.2。官方的網誌也說明他們的作法：WordPress 2.1.1 Dangerous, Upgrade。 [...]

Pingback from WordPress 2.1.2 緊急發佈 « Kirin Lin on March 3, 2007
[...] WordPress 2.1.2 has been released and I have updated this site to WordPress 2.1.2. [...]

Pingback from GaMerZ.WordPress » Blog Archive » WordPress 2.1.2 on March 3, 2007
[...] the story of what this was all [...]

Pingback from Unplanned downtime on March 3, 2007
[...] pointed out on the WordPress development blog, a cracker gained access to the wordpress.org servers and replaced the 2.1.1 download with a [...]

Pingback from wordpress.org Cracked, Exploit in 2.1.1 Release | no wow on March 3, 2007
[...] said This morning we received a note to our security mailing address about unusual and highly [...]

Pingback from BuzzDroid.com » Wordpress 2.1.1 Unsafe - Upgrade Now Or Your Blog May Die! on March 3, 2007
[...] 2.1.2 にアップグレードしたほうが良いです。というのも、WordPress 公式サイトによると If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a [...]

Pingback from 43hr.org » Blog Archive » さくらインターネットで EasyWPUpdate を使う on March 3, 2007
[...] ha anunciado Matt desde el propio blog oficial del proyecto, la versión 2.1.1 que se liberó hace unos días, y de la que como siempre os informé en este [...]

Pingback from Urgente actualización a WordPress 2.1.2 » ChochitoPelao on March 3, 2007
[...] I finally get around to upgrading to the latest and greatest version of WordPress, and it was compromiesd! I’m now up to [...]

Pingback from jefflundberg.com/blog » Blog Archive » WordPress 2.1.2 on March 3, 2007
[...] aproximadamente 3 horas fue anunciado que la versión 2.1.1 de Wordpress contiene múltiples vulnerabilidades, por este motivo se recomienda la actualización a la versión [...]

Pingback from Cortex’s Secret Blog on March 3, 2007
[...] It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution. – Full Story [...]

Pingback from Upgrade your Wordpress 2.1.1 into 2.1.2 ASAP by Reaper-X .:[ ID ]:. on March 3, 2007
[...] was a serious breach of blog software Wordpress’s security the other day. Today it was discovered, and the Wordpress.org support forums were down while they [...]

Pingback from Abandoned Stuff by Saskboy » Blog Archive » Wordpress server cracked on March 3, 2007
[...] Para mais informações veja o anúncio oficial. [...]

Pingback from Wordpress 2.1.1 perigoso, atualize para 2.1.2 - Nerd Games on March 3, 2007
[...] Wordpress 官方的的消息，Wordpress 2.1.1 [...]

Pingback from CODE|源码 » Wordpress2.1.1 dangerours,upgrade on March 3, 2007
[...] could undermine your blog system and you are advised by the WordPress developers to immediately upgrade to WordPress 2.1.2. According to the WordPress official blog: If you downloaded WordPress 2.1.1 within the past 3-4 [...]

Pingback from Dangerous exploit in WordPress 2.1.1 at Emporium Blog on March 3, 2007
[...] March 2, 2007 at 10:41 pm · Filed under Blogathon 2007 Taken from the Official Wordpress Blog [...]

Pingback from Angel Lights » Wordpress 2.1.2 on March 3, 2007
[...] announced tonight that an unknown hacker inserted a security exploit into 2.1.1. The attack occurred over the past couple of days, but to ensure absolute security the WordPress [...]

Pingback from Huge WordPress 2.1.1 Security Hole Found · cavemonkey50.com on March 3, 2007
[...] to the WP dudes for the security warning. 2.1.2 successfully [...]

Pingback from dangerouslyawesome » 2.1.2 upgrade on March 3, 2007
[...] Wordpress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from McGrew Security on March 3, 2007
[...] เมื่อเจอข่าวนี้ครับ WordPress 2.1.1 dangerous, Upgrade to 2.1.2 ที่ประกาศจากทีมผู้พัฒนาโดยตรง [...]

Pingback from ใครใช้ WordPress 2.1.1อัพเกรดด่วน - iDayBlog on March 3, 2007
[...] 原因詳見:官網的安全性通知 [...]

Pingback from 【WP】wordpress 2.1.1的安全性問題 | Robbin.cc on March 3, 2007
[...] keep on top of things here at weknowhtml. thanks to the warning, we’ve upgraded this (and our client blogs) to [...]

Pingback from the blog: tagging isnt just for hoodlums anymore » and another upgrade on March 3, 2007
[...] joden!!! apenas hace 10 días atrás que Wordpress 2.1.1 fue liberado y para colmo de males, ya hay nueva version de Wordpress, la 2.1.2. Resulta que un cracker obtuvo acceso a uno de los servidores de wordpress.org y logro modificar el [...]

Pingback from Increible: Wordpress 2.1.1 Crackeado! y Wordpress 2.1.2 Liberado « Javier Aroche on March 3, 2007
[...] 2.1.1 has been tampered by some cracker and contains exploitable code. Everyone on that bandwagon should move to 2.1.2 ASAP [...]

Pingback from hackd » Blog Archive » happens to everyone on March 3, 2007
[...] WordPress Upgrade Released WordPress › Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2: This morning we received a note to our security mailing address about unusual and highly [...]

Pingback from jimmitchell.org » Archive » Critical WordPress Upgrade Released on March 3, 2007
[...] guys at WordPress have issued an alert to all users who downloaded WordPress 2.1.1 in the past 3-4 days to upgrade [...]

Pingback from TechnoBeta Blog » Upgrade to WordPress 2.1.2 Immediately! on March 3, 2007
WordPress 2.1.1 berbahaya

Kaget saya melihat judul dari entri di WordPress development blog: WordPress 2.1.1 dangerous, Upgrade to 2.1.2. Karena menurut Matt, file download-an wordpress 2.1.1 telah diubah oleh cracker sehingga file tersebut memiliki security exploit. Masih menu…

Trackback from rendra.net. on March 3, 2007
[...] 危险的wordpress2.1.1，赶紧升级！今天登录后台，看到了一条吓人一跳的消息，wordpress2.2.1版竟然因为服务器被人入侵，给人改了文件，里面放了恶意代码，官方呼吁大家赶紧升级至2.1.2版本 [...]

Pingback from 波乐阁 | 危险的wordpress2.1.1，赶紧升级！ on March 3, 2007
[...] More information: WordPress 2.1.1 dangerous, Upgrade to 2.1.2. [...]

Pingback from Hariadi.NET » WordPress 2.1.1 Dangerous on March 3, 2007
[...] can view the whole article on wordpress’s website « New Strain of Virus a Threat to Businesses [...]

Pingback from » Bloggers, Update your Wordpress Immediately on March 3, 2007
[...] कर रहे हैं। वर्डप्रेस के द्वारा जारी नई खबर के अनुसार वर्डप्रेस का अब तक का [...]

Pingback from वर्डप्रेस 2.1.1 “खतरनाक” है at इधर उधर की on March 3, 2007
[...] For more info, visit the official WordPress Development Blog. [...]

Pingback from WordPress 2.1.1 is dangerous - esn studio on March 3, 2007
[...] 2.1.1, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. [hat tip: Evan] [...]

Pingback from WordPress 2.1.1 and 2.0.9 Bugfix on March 3, 2007
[...] This is the kind of thing you pray never happens, but it did and now we’re dealing with it as best we can. Although not all downloads of 2.1.1 were affected, we’re declaring the entire version dangerous and have released a new version 2.1.2 that includes minor updates and entirely verified files. We are also taking lots of measures to ensure something like this can’t happen again, not the least of which is minutely external verification of the download package so we’ll know immediately if something goes wrong for any reason. Source: WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from Wordpress Pwned Tips Dr.com on March 3, 2007
[...] peeps have at WordPress announced a very critical update WordPress 2.1.1 users. Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from WordPress 2.1.2 Critical Update! on March 3, 2007
[...] poor WordPress developers are having continuing problems with the 2.0 release. A security alert was issued on the WordPress Development Blog on March 2, 02007 for anyone who’s downloaded [...]

Pingback from The Ten Thousand Year Blog » Security alert: update your WordPress 2.1.1 installation on March 3, 2007
[...] the WordPress Multiple Script Injection Vulnerabilities in yesterday’s Quick Link, and today WordPress is reporting that a cracker gained user-level access to one of the servers and modified the 2.1.1 download file. [...]

Pingback from Security Tools News & Tips » Blog Archive » Wordpress 2.1.1 Dangerous, Upgrade on March 3, 2007
[...] a few days after version 2.1.1, WordPress released version 2.1.2 because the previous version may include a security exploit that was added by a [...]

Pingback from Important! Upgrade your WordPress to 2.1.2! on March 3, 2007
[...] out the door for a business fishing trip (more in the next post) but just wanted to let all you WordPress users know that you need to upgrade to 2.1.2 now! Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from O’Flaherty - » Major security issue with WordPress 2.1.1 - Upgrade to 2.1.2 now! on March 3, 2007
[...] WordPress is reporting that a cracker gained user-level access to one of the servers and modified the 2.1.1 download file. The hacker managed to modify two files in WP 2.1.1 to include code that would allow for remote PHP execution. The 2.1.1 package does not seem to have been compromised when it was initially released, WordPress encourages all users to upgrade to 2.1.2 to patch the security hole. Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. [...]

Pingback from Wordpress 2.1.1 Dangerous, Upgrade - Nirlog.com - Technology, Life and other stuff that come along… on March 3, 2007
[...] Source: Wordpress [...]

Pingback from FahadBlog » Blog Archive » Wordpress securety hole on March 3, 2007
[...] WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [Wordpress.org] [...]

Pingback from KhimHoe.Net » Blog Archive » [!]Wordpress 2.1.2! Security Exploit in 2.1.1! on March 3, 2007
[...] I suppose I’m glad I didn’t even have a chance to start. Today, just about everyone with WordPress 2.1.1 was scrambling to upgrade it after it was revealed that intentionally malicious code had been placed in it. I’d encourage people to read the original announcement. [...]

Pingback from Original Cin » Blog Archive » WordPress 2.1.2, BBpress, and Why FanCruft is Still Hand-Rolled For the Foreseeable Future on March 3, 2007
[...] it was initially released, WP encourages all users to upgrade to 2.1.2 to patch the security hole.read more | digg [...]

Pingback from 煎蛋 » Wordpress 2.1.1 Security Hole Leaves Blogs Wide Open on March 3, 2007
[...] a 2.1.1, cambiate de inmediato a 2.1.2 para tu seguridad y la de tu blog. Más información en: Wordpress.org Filed under Noticias, Wordpress having Leave a [...]

Pingback from Weas Frikis » Blog Archive » Actualización Crítica usuarios de Wordpress 2.1.1 on March 3, 2007
[...] include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 [...]

Pingback from Wordpress Exploit at Rule Of One on March 3, 2007
[...] 本家WordPress 2.1.1のファイルがクラックされていたとのことで、緊急アップデートがアナウンスされております。 http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from くろいおとなどっとこむブログ » WordPress 2.1.2へアップデートを！（警告） on March 3, 2007
[...] 「WordPress」官方於幾小時前緊急釋出了 WP 升級版本「2.1.2」, 主因是「2.1.1」的下載主程式被 Crack, 某些檔案被加入了用來遠程運行 PHP 的程式。(詳情) [...]

Pingback from Goston’s Blog » [BLOG] 升級成 WordPress 2.1.2 on March 3, 2007
[...] sitting there in the News and Announcements block of the admin page was an emergency notice. Some *@#!*%# mashuga cracked root on WordPress.org’s servers and slipped some malware code [...]

Pingback from New Harper’s Mews » Blog Archive » WordPress Servers Cracked; Version 2.1.1 Compromised on March 3, 2007
[...] altered, so users of WordPress 2.0.9 should be safe. More information on this issue can be found here. Read the Favored Freeware entry for WordPress [...]

Pingback from MacManX.com | Urgent WordPress Security Update v2.1.2 on March 3, 2007
[...] I upgrade WordPress 2.1.1 to 2.1.1 [...]

Pingback from OK1JKT - Web pages » Blog Archive » Security upgrade WP 2.1.1 to 2.1.2 on March 3, 2007
[...] download the new version, put the files back in place, then watch as my life slowly fades away. Read the full article here Make sure you upgrade your Wordpress installation. Why? Because you touch yourself at night. [...]

Pingback from .::v-nessa.net::. » Wordpress 2.1.1 is Dirty on March 3, 2007
[...] Dies betrifft nur die englische Version von Wordpress, die DE-Edition 2.1.1 ist davon nicht betroffen. Mehr Informationen unter WordPress 2.1.1 und der “worst case” und WordPress 2.1.1 dangerous, Upgrade to 2.1.2. [...]

Pingback from Tigions Blog » Blog Archive » ! Wordpress 2.1.1 security exploit on March 3, 2007
[...] sivustoa py�ritt�v�n Wordpressin versio 2.1.1 julistettiin vaaralliseksi hakkerin onnistuttua muuttamaan sen koodia yhdell� wordpress.org:n servereist�. [...]

Pingback from Spacealien.fi » Blog Archive » Pikap�ivitys Wordpressiin on March 3, 2007
[...] Matt has posted a long explanation for this: If your blog is running 2.1.1, please upgrade immediately and do a full overwrite of your old files, especially those in wp-includes. Check out your friends blogs and if any of them are running 2.1.1 drop them a note and, if you can, pitch in and help them with the upgrade. [...]

Pingback from OpenAppDotOrg: Open Source Blogging Applications on March 3, 2007
[...] 请尽快更新到2.1.2 据官方blog通知 wordpress的下载服务器被入侵修改了wp内几个文件 [...]

Pingback from 探花 @ Tinn Walk » 请立即更新wordpress2.1.2 on March 3, 2007
[...] If you upgraded to version 2.1.1 within the last three or four days (as I spent a few hours doing on Thursday), you need to upgrade again to 2.1.2. There’s a major security problem with the earlier version. See here. [...]

Pingback from SeoulLife.net » Wordpress alert on March 3, 2007
[...] have updated their version to 2.1.2 to address a security breach with the 2.1.1 version of the Wordpress Installer Download [...]

Pingback from o! Just Me » Wordpress 2.1.1 has security holes, upgrade on March 3, 2007
[...] scivolata per il team di Wordpress.org: nell’annuncio per la versione 2.1.2 leggiamo che “se avete scaricato la versione 2.1.1 negli ultimi 3-4 giorni, i tuoi file potrebbero [...]

Pingback from Wordpress 2.1.1 "crackato", passare subito a 2.1.2 on March 3, 2007
[...] the WordPress.org download site and included some ways to exploit your site. Read about it on the WordPres Dev blog, but first start downloading [...]

Pingback from Wordpress Hacked! » mattwiebe.com on March 3, 2007
[...] For more info, head over to WordPress.Org [...]

Pingback from Meshio.Com- Managing Your Personal Finance the Malaysian Way! » Blog Archive » WordPress 2.1.1 Upgrade Dangerous on March 3, 2007
[...] Wordpress announced that the Wordpress v2.1.1 is corrupted and those who upgraded their sites to that version should upgrade the system to the v2.1.2 immediately. Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. [...]

Pingback from Wordpress v2.1.1 Cracked, Upgrade To v2.1.2 Immediately » SELaplana on March 3, 2007
[...] WORDPRESS 2.1.1 DANGEROUS, UPGRADE 혹, 2.1.1을 사용하시는 분이 있다면 빨리 업그레이드 하세요. [...]

Pingback from AINUERON.SHOUTORANGE » Blog Archive » [긴급]워드프레스 2.1.1 는 2.1.2로 업그레이드 하세요. on March 3, 2007
[...] the official WordPress blog for [...]

Pingback from Viper007Bond.com » Blog Archive » ATTENTION WORDPRESS 2.1.1 USERS! on March 3, 2007
[...] Update ASAP, WP Download page. [...]

Pingback from TechZOnline.net » Critical Update on WordPress, 2.1.2 on March 3, 2007
[...] party to include code, which allows the execution of arbitrary PHP code on the remote blog hosting. Here’s the news. I created this post with the only aim to spread the word, so that everybody involved may upgrade [...]

Pingback from WordPress 2.1.1 download was modified by hacker(s): upgrade to 2.1.2 » Autarchy of the Private Cave on March 3, 2007
[...] per risolvere il problema e per rilasciare una nuova versione. Leggo inoltre dal messaggio sul blog degli sviluppatori che d’ora in poi sarà aggiunto un sistema di verifica esterna al download di tutti i file [...]

Pingback from Attenzione! Aggiornate il vostro Wordpress, un cracker aveva modificato i file della versione 2.1.1 | MondoBlog on March 3, 2007
[...] you are running Wordpress 2.1.1, then there is some bad news. According to annoucement on Wordpress blog, a cracker managed to add some security expoit files in archive of wordpress [...]

Pingback from Upgrade to Wordpress 2.1.2 NOW on March 3, 2007
[...] Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code [Quelle….weiterlesen] [...]

Pingback from m68n,wengophone and fun » wordpress 2.1.1 dangerous, upgrade to 2.1.2 on March 3, 2007
[...] [via Wordpress Blog] [...]

Pingback from Wordpress 2.1.2 Released, Critical update » Freakitude on March 3, 2007
[...] Les mer om saken på WordPress.org WordPress 2.1.1 Dangerous, upgrade [...]

Pingback from WordPress 2.1.2 - Viktig sikkerhetsoppgradering | Norsk WP on March 3, 2007
[...] can see the official announcement here. blog, [...]

Pingback from Why you should upgrade to Wordpress 2.1.2 :: Cucirca.com on March 3, 2007
[...] there has been a whoopsie with some of their download-servers, so you might want to make shure, you’re upgrading to the newest version (2.1.2, as we speak). as always, it’s trouble-free. just upload everything to your server and visit yourserver/wp-admin/upgrade.php. [...]

Pingback from habi.gna.ch » update your wordpresses! on March 3, 2007
[...] Fuck. This. Shit. [...]

Pingback from Sho Fukamachi Online » Blog Archive » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 on March 3, 2007
[...] 3.3.: Ja, da bin ich ja mal froh, daß ich auf eine Version mit Backdoor upgedated hatte. Danke an Jörn für den Hinweis. Wenn das mal nicht zum Kotzen ist, was ist es [...]

Pingback from #!/bin/blog :: tar, rm, cp on March 3, 2007
[...] WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from Ellen Burgess » Blog Archive » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 on March 3, 2007
[...] For anyone running a recently upgraded Blog with WP 2.1.1, please upgrade to 2.1.2. [...]

Pingback from Running WP 2.1.1? Upgrade immeditely! at BlogThe.Net on March 3, 2007
[...] niet goed is gevalideerd en problemen kan veroorzaken. Helaas blijft het hier niet meer bij, want gisteren werd duidelijk dat de website van WordPress aangepast was waarbij versie 2.1.1 was voorzien van modificaties die [...]

Pingback from Dailystuff » Hoe veilig is WordPress on March 3, 2007
[...] that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. Bron __________________ . . . [...]

Pingback from Worpress Exploit - webhostingtalk.nl on March 3, 2007
[...] 10:08, Posted in Pelit ja vehkeet, Aamu sitten alkoi mukavasti t�llaisella varoituksella. Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may [...]

Pingback from Yksi n�k�kulma » Wordpress 2.1.2 on March 3, 2007
[...] la última semana que sepas que tienes un pequeño problema que resolver. Algo así es lo que dicen en su blog oficial. Por lo visto un cracker ha tenido acceso al código de esta versión durante los últimos días y [...]

Pingback from Un lugar en el mundo… » Blog Archive » Actualización de seguridad para Wordpress 2.1.1 on March 3, 2007
[...] had released their WordPress 2.1.2today, but sadly it’s is not a feature upgrade, instead it’s an emergency security upgrade due to [...]

Pingback from WordPress 2.1.2: Emergency Security Upgrade at hwa2u.com on March 3, 2007
[...] Plus d’infos : http://wordpress.org/development/2007/03/upgrade-212/ [...]

Pingback from Le blog de Xavier … » Blog Archive » Wordpress : mise à jour importante (2.1.2) on March 3, 2007
[...] WordPress › Blog » WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from my weblog » Blog Archive » Wordpress 2.1.1 released on March 3, 2007
[...] Wordpress 2.1.1 Dangerous. Upgrrrrrrrrrade! Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. [...]

Pingback from boogher.com - » Spread the word! on March 3, 2007
[...] je kort geleden WordPress hebben geupdate naar 2.1.1 moet je vooral dit even lezen: It was determined that a cracker had gained user-level access to one of the servers [...]

Pingback from WordPress 2.1.1 is onveilig at TibsBits on March 3, 2007
[...] Muutettu versio sallii PHP-koodin suorittamisen palvelimella verkon yli. Tarkempi kuvaus tapahtumista ja ongelmasta on WordPressin Developer Blogissa. [...]

Pingback from WordPress 2.1.1 on vaarallinen - Kimmo Suominen on March 3, 2007
[...] are the Wordpress developers so sporadic in releasing WP? Well, To see the full answer, visit the Wordpress Development Blog for the full [...]

Pingback from Wordpress 2.1.2 Released at forgedeuphoria.com on March 3, 2007
[...] For further details check out the WordPress blog. [...]

Pingback from PureBlogging.com » WordPress 2.1.1 is Dangerous, Upgrade Now! on March 3, 2007
[...] leerse el comunicado desde el sitio de WordPress. Realmente, es sorprendente que esto haya ocurrido. En lo personal, aún no logro comprender cómo [...]

Pingback from Crackean la descarga oficial de WordPress » Redes de Blogs on March 3, 2007
[...] gaat snel, vandaag is er alweer een nieuwe versie van Wordpress uitgekomen, versie 2.1.2. Iemand heeft toegang gehad tot de server van Wordpress en daar een versie neergezet [...]

Pingback from Zomaar… » Blog Archive » Alweer nieuwe versie on March 3, 2007
[...] 2.1.1 is potentially dangerous because some cracker got his paws on it. Doggone cracker! So upgrade to 2.1.2. Got it? Although, you’ll notice I’m still [...]

Pingback from Weblog Sin Pies » wordpress users: be warned! on March 3, 2007
Strano l’aggiornamento a Wordpress 2.1.2…

Oggi apro come solito il pannello di amministrazione del mio Blog, che si vasa su Wordpress. E noto, nella parte dedicata agli avvisi degli sviluppatori, un avviso che mi fa rizzare le orecchie.
L’avviso è quello che trovate a questo link: http:…

Trackback from Il Blog di Orebla on March 3, 2007
[...] doesn’t matter if you installed 2.1.1 on the first day it came out, well before the cracker modified the file on wordpress.org. WordPress 2.1.2 has a security fix that 2.1.1 doesn’t have. And it has several fixes that [...]

Pingback from WordPress 2.1.2 is a mandatory upgrade « Mark on WordPress on March 3, 2007
[...] Hier geht’s zur Downloadseite für Wordpress 2.1.2 - und hier zur entsprechenden Wordpress-Meldung. [...]

Pingback from Steini’s Garden » Blog Archive » Wordpress - gefährliches Sicherheitsloch! on March 3, 2007
[...] scivolata per il team di Wordpress.org: nell’annuncio per la versione 2.1.2 leggiamo che “se avete scaricato la versione 2.1.1 negli ultimi 3-4 giorni, i tuoi file [...]

Pingback from Wordpress 2.1.1 “crackato”, passare subito a 2.1.2 « L’urlo del coniglio on March 3, 2007
[...] and inserted exploit code into version 2.1.1 of WordPress. They are therefore recommending that everyone upgrade from version 2.1.1 to version [...]

Pingback from whatithink on March 3, 2007
[...] escasas horas ha sido publicada una actualización de seguridad letal para todos aquellos que hayan instalado Wordpress 2.1.1 en [...]

Pingback from Los crackers se la cuelan a Wordpress.org — Criando Cuervos on March 3, 2007
[...] More on that on the official wordpress blog. [...]

Pingback from Wordpress 2.1.1 was qualified as dangerous! .:. eDragonu - the choice of a personal path on March 3, 2007
[...] acaba de publicar la versión 2.1.2, tan sólo unos días después de la 2.1.1. ¿El motivo? Un cracker se ha colado en el servidor del [...]

Pingback from Actualiza inmediatamente a WordPress 2.1.2 » La brujula verde on March 3, 2007
Angriff auf Wordpress-Installationspaket

Wer in den letzten Tagen die Wordpress-Version 2.1.1 von wordpress.org heruntergeladen hat, tut gut daran raschm�glichst auf die neue Version 2.1.2 upzudaten:
Es wurde festgestellt, das sich ein Cracker Zugriff auf einen der “wordpress.org&#822…

Trackback from BloggingTom on March 3, 2007
[...] cuentan en la web de desarrollo de wordpress. algún cracker se coló en sus servidores y modificó el código de la versión 2.1.1. incluyendo [...]

Pingback from Dondado » Peligros en la versión 2.1.1 de Wordpress on March 3, 2007
[...] WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from Dando la chapa » Crackeada descarga oficial de WordPress 2.1.1 on March 3, 2007
[...] More details here. [...]

Pingback from Liberty Alone » Blog Archive » Wordpress security vulnerability on March 3, 2007
[...] hacker was able to add a vulnerability to the version of 2.1.1 that was pushed out about a week or so ago. Essentially, it was a back door [...]

Pingback from john bollwitt blog » WordPress 2.1.1 bad, WordPress 2.1.2 good on March 3, 2007
[...] Download-Dateien für Wordpress 2.1.1 verändert. Also hat das Wordpress-Team mal schnell noch ein Update 2.1.2 rausgehauen, das man auf jeden Fall installieren [...]

Pingback from Soundmonster’s Blog » Blog Archiv » …und noch ein Wordpress-Update :-) on March 3, 2007
[...] Wordpress 2.1.1 Dangerous, upgrade to 2.1.2 [...]

Pingback from flipthedolphin · Danger with Wordpress 2.1.1 - Imperative Upgrade to 2.1.2 on March 3, 2007
[...] ທີ່ມາ - WordPress.org [...]

Pingback from Wordpress v2.1.2 - An Emergency Update | au8ust’s tech channel on March 3, 2007
[...] recent 2.1.1 release of the popular blog software Wordpress was compromised by a cracker who made it easier for to execute code remotely. This is interesting because the official release was quietly and subtly compromised, and has been [...]

Pingback from Voice of Valehru » Important Wordpress Anouncement. on March 3, 2007
[...] Wordpress heeft bezoek gehad van een ongenode gast die toegang heeft verworven tot de servers en ver…. Hierdoor is er nu een nieuwe versie beschikbaar (2.1.2) die alle problemen moet oplossen. [...]

Pingback from Wordpress 2.1.1 gevaarlijk · Bakkel dot com on March 3, 2007
[...] WordPress 2.1.1 dangerous, Upgrade to 2.1.2 [...]

Pingback from Wordpress 2.1.2 at ogeeBloggin’ on March 3, 2007
[...] in den vergangenen Tagen Zugriff auf die Dateien verschafft und sie für seine Zwecke verändert (offizielle Stellungnahme hier). Zwar betrifft dies offenbar nicht die eingedeutsche Fassung (”DE-Edition”), ein [...]

Pingback from UPLOAD » Schwere Sicherheitslücke in Wordpress 2.1.1 on March 3, 2007
[...] Sorry. Alle bitte Wordpress updaten. [...]

Pingback from Code Candies » Blog Archive » Wordpress updaten on March 3, 2007
[...] dei server di WordPress è risultato compromesso (fonte): un cracker ha avuto accesso alla macchina e modificato i file del pacchetto WordPress 2.1.1 [...]

Pingback from pseudotecnico:blog » Blog Archive » URGENTE: aggiornate a WordPress 2.1.2!! on March 3, 2007
[...] ein echter Alptraum für die betroffenen User und erst recht für das WordPress-Team. Das ist kein Joke, siehe auch [...]

Pingback from Basic Thinking Blog » der GAU - infizierte Originaldateien: DRINGEND Wordpress 2.1.1 UPDATEN!!!! on March 3, 2007
[...] auf die zweifelhafte (aber nicht manipulierte) DE-Version 2.1.1 die aktuelle Version 2.1.2 von offizieller Seite nachgeschoben. Diese Version soll die erheblichen Sicherheitsm�ngel beheben. WordPress 2.1.2 ist [...]

Pingback from blog.babytux.de » Wordpress 2.1.2 on March 3, 2007
Wordpress 2.1.2 mise à jour recommandée

J’ai tout d’abord pensé à un poisson d’avril. Mais c’est encore un peu tôt.

Pour les utilisateurs de Wordpress, il est vivement recommandé de faire la mise à jour de Wordpress 2.1.1 à la version 2.1.2.

Apparemment, une personne malveill…

Trackback from Gatellier.be on March 3, 2007
[...] Dev blog announcement. Essentially, someone got into the Wordpress install hosted on the servers and made some modifications to a couple of files. Malicious changes at that. The information in the blog post seems to indicate that feed.php and theme.php (both in wp-includes) were modified. Perhaps other files were as well. [...]

Pingback from The Lair / wordpress 2.1.1 exploitable in the worst way on March 3, 2007
[...] N’attendez pas et allez voir le site web WordPress. [...]

Pingback from » WordPress 2.1.1 - Information de s�curit� on March 3, 2007
[...] read more | digg story [...]

Pingback from Wordpress 2.1.1 Security Hole Leaves Blogs Wide Open « Know things on March 3, 2007
[...] tespit edildi. Bu durum üzerine WordPress.org gerekli düzenlemeleri yapıp 2.1.2 sürümünü yayınladı. Eğer son 3-4 gün içinde WordPress.org’dan İngilizce son sürümü indirip kurduysanız [...]

Pingback from WordPress Türkiye » Blog Archive » WordPress 2.1.2 on March 3, 2007
[...] here, you may want to subscribe to my RSS feed. Thanks for visiting!If your blog uses WordPress, this advisory should be read and acted [...]

Pingback from The Social Programmer - Craig Murphy: author, blogger, community evangelist, developer, speaker » WordPress 2.1.2 - immediate upgrade advisory on March 3, 2007
[...] issue on v2.1.1 as per Wordpress.org (just read their short story and anyone who use Wordpress will rush to upgrade!). So I quickly stop [...]

Pingback from Dozleng.com Internet Security & Others on March 3, 2007
[...] you use WordPress version 2.1.1, a dangerous security breach in that version has been [...]

Pingback from WordPress 2.1.2 - Essential upgrade at NevilleHobson.com on March 3, 2007
WordPress 2.1.1 infiziert - deutsche Version nicht betroffen

Im Developers Blog von WordPress.org kann man es nachlesen:
Vor kurzem konnte ein Hacker Zugriff auf den offiziellen WordPress-Server nehmen und die dort gelagerte Version 2.1.1 von WordPress infizieren.
Wer also in den letzten Tagen WordPress 2.1.1 di…

Trackback from Pottblog on March 3, 2007
[...] sehr beunruhigende Nachricht habe ich gerade im Blog des Wordpress-Entwicklerteams gelesen: Offenbar wurde einige Files des [...]

Pingback from mikrosklave.net » Blog Archive » Gecracktes Wordpress-Update on March 3, 2007
[...] 2.1.2 has been compromised. If you installed it recently you should immediately upgrade. This is from the official Wordpress [...]

Pingback from Copacetic » Blog Archive » Wordpress 2.1.2 Compromised on March 3, 2007
WordPress 2.1.1 pericoloso, aggiornate alla 2.1.2!

Per coloro che hanno scaricato - negli ultimi 3-4 giorni - ed installato la versione 2.1.1 di WordPress è vivamente consigliato di aggiornare tutti i file con la nuova versione 2.1.2 immediatamente.

Il motivo di questa urgenza? Un cracker si è intro…

Trackback from lucatogni.ch on March 3, 2007
[...] פרטים יש פה. « לכתוב ליד [...]

Pingback from מסעותיו של מרק בשבילי החיים » ארכיון » בעית אבטחה אפשרית בוורדפרס 2.1.1 on March 3, 2007
[...] Read here the whole story [...]

Pingback from PCNews.TV » Blog Archive » WordPress 2.1.1 IS dangerous, Upgrade to 2.1.2 on March 3, 2007
[...] motivo di questa urgenza? Un cracker si è intromesso nei server di WordPress.org ed ha caricato una [...]

Pingback from Massimo D’Onofrio » WordPress 2.1.1 pericoloso, aggiornate alla 2.1.2! on March 3, 2007
[...] sull’accaduto qui e download sul sito [...]

Pingback from :: Michelangeblog :: WordPress 2.1.1 compromesso, AGGIORNATE! on March 3, 2007
[...] Mar, 2007 General If’ you’re running WP 2.1.1 you need to update your files urgently. There may be a serious security hole in some downloads of [...]

Pingback from A critical Wordpress patch « Tom’s View of the World on March 3, 2007
[...] wordpress.org spiegano che un cracker è riuscito ad entrare su uno dei server di wp.org e ha modificato alcuni [...]

Pingback from Wolly Weblog » WP 2.1.2 nuovo aggiornamento OBBLIGATORIO dato che la 2.1.1 è stata dichiarata pericolosa on March 3, 2007
[...] The distribution for Wordpress 2.1.1 was hacked to include an exploit which would allow remote users to take run malicious code on a webserver. This has been fixed, and an updated issued, for more details, see this post. [...]

Pingback from Murky.org » Wordpress 2.1.1. should be updated immediately on March 3, 2007
[...] sich in den letzten Tagen Wordpress 2.1.1 heruntergeladen und installiert hat sollte auch dringend updaten, denn ein gewiefter Cracker hat sich vor kurzem an den Dateien von Verison 2.1.1 vergangen und ein [...]

Pingback from Peter Kröner - Webdesign, HTML, CSS, PHP » Archiv » Neue Versionen von Exaile und Wordpress. on March 3, 2007
[...] Üble Geschichte bei Wordpress: Ein Bösewicht hatte die Download-Datei des bis gestern aktuellen Wordpress 2.1.1 manipuliert und eine Lücke eingeschleust. Auch wenn man wohl nicht betroffen war, wenn man 2.1.1 kurz nach dem Release heruntergeladen hatte, wurde 2.1.1 generell für gefährlich erklärt und Version 2.1.2 freigegeben. Mehr dazu. [...]

Pingback from Das BlogBlog · Wordpress 2.1.2 on March 3, 2007
[...] quick note to point out that TD Word Count is compatible with v2.12 of Wordpress announced and released yesterday. This is an important security update for Wordpress 2.1.1 users, so I would [...]

Pingback from Wordpress 2.12 compatibility at TD Scripts Wordpress mods on March 3, 2007
[...] 3rd, 2007 @ 12:25 by Mike A notice on the Wordpress development blog says that the Wordpress 2.1.1 download package was corrupted by [...]

Pingback from devBlog » Wordpress 2.1.1 download corrupted! on March 3, 2007
Peligro! Wordpress 2.1.1 fue Hackeado.

Al parecer Wordpress 2.11 fue hackeado desde hace unos 3 o 4 días por un Hacker quien agrego un Exploit dentro de los archivos…

WordPress.org

WordPress Blog

March 2, 2007

WordPress 2.1.1 dangerous, Upgrade to 2.1.2

What You Can Do to Help

Questions and Answers

795 Pings