Possible Exploit – Rogue plugins.php file
Today I got the “you don’t have permissions to access this page” solely on the plugins list. I cleared it b doing an auto re-install of WP 3.01, but in my /wp-content/plugins directory I found a rogue plugins.php file that is binary starts with ob_start() then gibberish then ends with
So I can guess elsewhere it inserted this function, and called it to run here? I follow most of the standard security recommendations….
I deleted it and have a copy of this if anyone wants to investigate.
- The topic ‘Possible Exploit – Rogue plugins.php file’ is closed to new replies.