WordPress.org

Ready to get started?Download WordPress

Forums

Auto-upgrade exploit (1 post)

  1. jh20001
    Member
    Posted 4 years ago #

    Recently (wordpress is up-to-date) we experienced an exploit in our WordPress installation. Someone was able to successfully upload a spoofed bank site template to the upgrade directory (mentioned content: /wp-content/upgrade/wellsfargo/"). They somehow then were able to copy that directory to the root folder on the server (below the public_html folder).

    Although we are unsure exactly how they accomplished this, the matter is..they were able to.

    I have searched but have not been able to duplicate this problem elsewhere in existence (no one else has been posting about it that I have been able to find).

    Something to consider.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.