WordPress.org

Support

Support » How-To and Troubleshooting » security breach on wp-load.php

security breach on wp-load.php

  • I want to bring this to the attention of the community – my wp-load.php was hacked, here is a full copy of the infected file at pastebin:

    http://azizhp.pastebin.com/f61346174

    as you can see from line 24 an html script snippet was inserted. This actually broke my site backend, as when i tried to access the dashboard I got “headers already sent errors”. As I had logged in just two days prior, this must have happenned quite recently.

    It was easily fixed, i reuploaded a copy of the normal wp-load.php file from v2,7 and overwrote the file. I am overwriting all files in my installation just to be on eth safe side.

    My install was not previously compromised so the hacker must have some mechanism to inject code. I am also reporting this to Dreamhost.

    using wordpress 2.7, domain haibane.info

  • The topic ‘security breach on wp-load.php’ is closed to new replies.