Good evening everyone,
I have a big problem with my wordpress blog, it seems There's been an attack, I received an email from RSA with the following object:
Fraudulent site - please shut down!
I have a folder that was added by some unknown means, I can watch the contenue of this folder named "network" as my browser alert me out as being a phishing page.
I wonder what kind of attack it is, I have the following plugin activated on my blog:
All in One SEO Pack ا 18.104.22.168
0.13 External Videos
Facebook Connect 1.3.1
Last YouTube Video 1.1
My Category Order 3.0.1
Optimize DB 1.3
Role Manager 2.2.3
SexyBookmarks (by Shareaholic) 4.0.1
Thumbnail For Excerpts 2.1
1.0.1 Top Level Categories
Popular Posts WordPress 2.1.4
WP Easy Uploader 1.0.11
WP 1.0 Paging
WP RSS Images 1.0.4
I checked with exploit-db these plugins it seems nothing to report!
i have disabled comments, i have only two input field in my pages:
- One for search with key words
- Another for registration for newsletter, i have used regex , only email format can be transfered.
do you have any suggestions to better secure my blog, or tell me what type of attack it is?
Thank you in advance!