WordPress.org

Ready to get started?Download WordPress

Forums

security breach on wp-load.php (1 post)

  1. azizpoonawalla
    Member
    Posted 5 years ago #

    I want to bring this to the attention of the community - my wp-load.php was hacked, here is a full copy of the infected file at pastebin:

    http://azizhp.pastebin.com/f61346174

    as you can see from line 24 an html script snippet was inserted. This actually broke my site backend, as when i tried to access the dashboard I got "headers already sent errors". As I had logged in just two days prior, this must have happenned quite recently.

    It was easily fixed, i reuploaded a copy of the normal wp-load.php file from v2,7 and overwrote the file. I am overwriting all files in my installation just to be on eth safe side.

    My install was not previously compromised so the hacker must have some mechanism to inject code. I am also reporting this to Dreamhost.

    using wordpress 2.7, domain haibane.info

Topic Closed

This topic has been closed to new replies.

About this Topic