• My WordPress 2.6.2 got hacked today. I have no idea how exactly. But I found this in my stats:

    07:16:17 ->/wp-login.php
    07:16:21 ->/wp-login.php?action=lostpassword
    07:16:24 ->/wp-login.php?action=lostpassword
    07:16:25 ->/wp-login.php?checkemail=confirm
    07:17:20 ->/wp-login.php?action=rp&key=Ix9moYvBmI0DiDnKwp6j
    07:17:20 ->/wp-login.php?checkemail=newpass
    07:17:54 ->/wp-login.php

    I have an email around the same time about a password change. And while I was still logged in myself, I found out (later) the email address of the admin had been changed.

    I’ve since deleted some plugins (which I think weren’t the problem) and added secret keys to the wp-config. Is this enough or am I still vulnerable?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I’ve since deleted some plugins (which I think weren’t the problem) and added secret keys to the wp-config. Is this enough or am I still vulnerable?

    The data in your stats or logs might not be indicative (but they can’t hurt).

    Are you on a shared host? If you are and someone was able to read your wp-config.php file then they could have simply read your database host/id/password and made the changes without hacking WordPress.

    If you are not on a shared host, then give your logs a look including the login logs.

    Either way you may want to read this article by Donncha “Did your WordPress site get hacked?”

    Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    Judging by the time delays there, I’d say somebody got access to your email account and then simply reset your password on the blog.
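
The check Otto describes, as an added example that is not part of the original thread or any poster's code: a Python script that reads stats lines in the format shown in the first post, picks out a completed wp-login.php password reset, and reports how many seconds passed between the reset mail being sent and the emailed link being used. The function names are hypothetical, and the sample input is the stats excerpt copied from the first post.

```python
import re
from datetime import datetime
from urllib.parse import urlsplit, parse_qs

# Stats excerpt copied from the first post in this thread (time ->path).
STATS = """\
07:16:17 ->/wp-login.php
07:16:21 ->/wp-login.php?action=lostpassword
07:16:24 ->/wp-login.php?action=lostpassword
07:16:25 ->/wp-login.php?checkemail=confirm
07:17:20 ->/wp-login.php?action=rp&key=Ix9moYvBmI0DiDnKwp6j
07:17:20 ->/wp-login.php?checkemail=newpass
07:17:54 ->/wp-login.php
"""

LINE = re.compile(r"^\s*(\d{2}:\d{2}:\d{2})\s*->\s*(\S+)")

def classify(url):
    """Map a wp-login.php request to a step of the reset flow, else None."""
    parts = urlsplit(url)
    if not parts.path.endswith("/wp-login.php"):
        return None
    q = parse_qs(parts.query)
    if q.get("action", [""])[0] == "rp" and "key" in q:
        return "link_used"          # the link from the reset e-mail was opened
    check = q.get("checkemail", [""])[0]
    return {"confirm": "mail_sent", "newpass": "password_reset"}.get(check)

def find_resets(text):
    """Return one dict per completed reset seen in chronological stats lines.

    Assumes a single day of entries; the stats format has no client address,
    so requests from different visitors cannot be told apart here.
    """
    resets, mail_sent, link_used = [], None, None
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        step = classify(m.group(2))
        if step == "mail_sent":
            mail_sent, link_used = m.group(1), None
        elif step == "link_used" and mail_sent:
            link_used = m.group(1)
        elif step == "password_reset" and link_used:
            fmt = "%H:%M:%S"
            gap = datetime.strptime(link_used, fmt) - datetime.strptime(mail_sent, fmt)
            resets.append({"mail_sent": mail_sent, "link_used": link_used,
                           "delay_seconds": int(gap.total_seconds())})
            mail_sent = link_used = None
    return resets
```

A short delay shows only that whoever opened the link could read the admin mailbox at that moment; it is a reason to review the mail account's own login history alongside the site's logs.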

    Thread Starter cheekbone

    (@cheekbone)

    I think you might be right Otto.. I’ve changed the email address to a gmail address. Still worried, but it might not have been WordPress’ fault. Thanks guys.

    Very misleading title, WP 2.6.2 didn’t get hacked. YOUR website got hacked.

    Thread Starter cheekbone

    (@cheekbone)

    Well, at the time I thought WordPress got hacked and I’m still not sure it was my email. Someone changed the WordPress password, admin email, changed a post on the site and created a draft before that. Nothing else was touched.

  • The topic ‘WordPress 2.6.2 got hacked’ is closed to new replies.