Support » Fixing WordPress » security breach on wp-load.php

  • I want to bring this to the attention of the community – my wp-load.php was hacked, here is a full copy of the infected file at pastebin:

    as you can see from line 24 an html script snippet was inserted. This actually broke my site backend, as when i tried to access the dashboard I got “headers already sent errors”. As I had logged in just two days prior, this must have happenned quite recently.

    It was easily fixed, i reuploaded a copy of the normal wp-load.php file from v2,7 and overwrote the file. I am overwriting all files in my installation just to be on eth safe side.

    My install was not previously compromised so the hacker must have some mechanism to inject code. I am also reporting this to Dreamhost.

    using wordpress 2.7, domain

  • The topic ‘security breach on wp-load.php’ is closed to new replies.