Support » Plugins » I’m under attack

  • In my paggination list.

    The normal pagination link:
    has change to:

    I test with Pagenavi and with Pagenumber, the problem is the same.
    When I clear the caché it’s return to normally.

Viewing 2 replies - 1 through 2 (of 2 total)
  • I’m having problems with the hacking of my list of pagination.
    The normal link would be /page/56/
    But is: /page/56/?x=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
    I triet to replace a pugglin of pagination wp-pagenavi to pagenumber and the problem is still there.
    The problem apparently only happens when WP-cache is being active and the only solution that I found is clear my caché. After a few hours, I have the problem again with the links being infected.

    It looks like someone was trying to brute force a remote file inclusion trick on your pagination. /etc/passwd is your unix password file. It’s encrypted, but the passwords can be cracked if they are common enough.

    However, it wouldn’t make sense for WordPress to directly feed this variable into the command line, so I don’t think the culprits were successful. If anything, the thing you should watch out for there is SQL injection.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘I’m under attack’ is closed to new replies.