WordPress.org

Support

Support » Miscellaneous » Security Question…

Security Question…

  • I was running 2.0.1 as my homepage. I recently came to find that it was replaced with a page “You’ve been hacked by Alex!”

    I see that an update went out on 3/10, I missed upgrading as I am on vacation with limited network access. I’ve tried to find information on what the security issue was that was resovlved in the new version but have not had any luck.

    Would what happened on my site be a result of the problem, and if so, was it just a replace the index.* file?

    Thanks for help, sorry if this has been addressed, I don’t have a lot of time to search for the answer (limited network access while on vacation.)

Viewing 4 replies - 1 through 4 (of 4 total)
  • They used an XSS attack more than likely. You can google it.
    There are a few more files then index.php changed in the 2.0.2 security release.

    I cannot get into my WordPress site at all…admin site either…keep getting error ‘Parse error: parse error, unexpected ‘<‘, expecting ‘]’ in /home/revoltam/public_html/wp-content/themes/BurninR/ads.php on line 72′

    I was sure I had version 2.0.1 however in my file search I only see two for 1.0.5 an it will not let me delete them 🙁

    It is not listed in the add/remove programs at all…I did a scan and found I had a keylogger on my computer…WordPress is the last downloaded program, and I had heard it could have a keylogger on it?

    At any rate, I would like to delete anything to do with WordPress and load the new 2.0.2

    How do I delete those old loads? Will I lose everything I had done on the site so far when I load 2.0.2? I am not very techie inclined, and do not udnerstand a lot of the jargon…but I do need and appreciate any help I can get in this matter…Thanks…

    Sugarplum

    Sugarplum, you need to start your own thread about your issues, which have nothing to do with the OP’s problem. Thanks.

    So, they wouldn’t have gotten passwords out the config file then or the wordpress admin password?

    Thanks for the information! Mine is just a personal site, so I can start over again with the latest version. I’m just worried other things may be in question (like my db password at my hosting site…) Probably call and have them change it just in case…

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Security Question…’ is closed to new replies.