Support » Plugin: Jetpack by WordPress.com » [Plugin: Jetpack by WordPress.com] LizaMoon SQL Injection

  • Resolved dai1976

    (@dai1976)


    Thanks for Wordfence security i discovered one of my sites had the LizaMoon SQL Injection attack that is currently doing the rounds..

    it was in the jetpack twitter.php , and looks like this

    function normalize_tweet_text( $text ) {
    // Hack to replace this junk from the tweets.
    // /2011/03/31/lizamoon_mass_injection_attack/
    return str_replace( ‘</title><script src=http://lizamoon.com/ur.php></script>’, ”, $text );
    }

    function normalize_tweet_text( $text ) {
    // Hack to replace this junk from the tweets.
    // /2011/03/31/lizamoon_mass_injection_attack/
    return str_replace( ‘</title><script src=http://lizamoon.com/ur.php></script>’, ”, $text );
    }

    i deleted jetpack because i was unsure of how to deal with this

    anyone else had this ?

    ps i had to remove parts of it because it camw up on here as a link ..

    http://wordpress.org/extend/plugins/jetpack/

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: Jetpack by WordPress.com] LizaMoon SQL Injection’ is closed to new replies.