Support » Fixing WordPress » Possible Exploit – Rogue plugins.php file

  • Today I got the “you don’t have permissions to access this page” solely on the plugins list. I cleared it b doing an auto re-install of WP 3.01, but in my /wp-content/plugins directory I found a rogue plugins.php file that is binary starts with ob_start() then gibberish then ends with
    <?php $t=gzinflate(ob_get_contents());ob_end_clean();eval($t)

    So I can guess elsewhere it inserted this function, and called it to run here? I follow most of the standard security recommendations….

    I deleted it and have a copy of this if anyone wants to investigate.

  • The topic ‘Possible Exploit – Rogue plugins.php file’ is closed to new replies.