WordPress.org

Ready to get started?Download WordPress

Forums

[closed] Possible Security Hole with 3.4.1 (2 posts)

  1. f1ss1on
    Member
    Posted 2 years ago #

    Last night I received an email saying that one of my domains has been suspended. I immediately checked the domain, and the site could not connect to the DB. Upon further research, logs showed that the site was hacked, and a master pw I had for the server had been changed, which in turn, caused 26 WordPress sites to go down. All passwords are 20+ characters, alpha - numeric. It is still unclear how they got into the site.

    I hope that this will help the WordPress devs in finding a security hole and aid in a patch for this.

    In the meantime, I had to create 26 diff master passwords, for sites and dbs that are running 3.4.1. I had 3 other sites that are running 3.3.2 that were not affected.

    For WordPress Devs, I will provide server and sql logs upon request.

  2. fonglh
    Member
    Posted 2 years ago #

Topic Closed

This topic has been closed to new replies.

About this Topic