I’ve been experience one hell of an issue, and I’ve been told that it is not the integrity of my leased server, but rather an exploit in WordPress.
Here’s what happens….
1. A JPG file is uploaded into /themes/ This JPG is actually a redirect script with a .jpg extension. Then a theme file, usually header or footer is edited to hold the embed code for the image. This is not an SQL inject, it’s a hard edit to the file.
2. A JS file will be edited with the redirect script inserted.
Can someone please advise me on how a WordPress exploit would allow someone to upload to the WordPress theme directory and also edit theme files? Again though, it’s not an SQL inject as in dynamically pulling the payload. It’s a hard edit.
What route would this attack be taking without gaining FTP access?
- The topic ‘Exploits that allow hard file editing and file uploading?’ is closed to new replies.