WordPress.org

Support

Support » Plugins and Hacks » [Resolved] [Plugin: Jetpack by WordPress.com] LizaMoon SQL Injection

[Resolved] [Plugin: Jetpack by WordPress.com] LizaMoon SQL Injection

  • dai1976

    @dai1976

    Thanks for Wordfence security i discovered one of my sites had the LizaMoon SQL Injection attack that is currently doing the rounds..

    it was in the jetpack twitter.php , and looks like this

    function normalize_tweet_text( $text ) {
    // Hack to replace this junk from the tweets.
    // /2011/03/31/lizamoon_mass_injection_attack/
    return str_replace( ‘</title><script src=http://lizamoon.com/ur.php></script>’, ”, $text );
    }

    function normalize_tweet_text( $text ) {
    // Hack to replace this junk from the tweets.
    // /2011/03/31/lizamoon_mass_injection_attack/
    return str_replace( ‘</title><script src=http://lizamoon.com/ur.php></script>’, ”, $text );
    }

    i deleted jetpack because i was unsure of how to deal with this

    anyone else had this ?

    ps i had to remove parts of it because it camw up on here as a link ..

    http://wordpress.org/extend/plugins/jetpack/

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘[Resolved] [Plugin: Jetpack by WordPress.com] LizaMoon SQL Injection’ is closed to new replies.