Support » Fixing WordPress » “vulnerability in the XMLRPC module for PHP”

  • a site that has an implementation of WordPress 1.2.1 was hacked a couple times this week due to this vulnerability (I know I should just upgrade, but don’t have the time right now…) so I was wondering if what I did, solved the problem… I downloaded the latest stable release of the xmlrpc module, when I unzipped the files, I found two files among the many that resembled these two files in wordpress: ‘class-xmlrpcs.php’ and ‘class-xmlrpc.php’. The files were ‘’ and ‘’. I scanned the files and they looked similar so I simply changed the names and uploaded them. Things seem to work, but was wondering if doing what I did will solve the vulnerability problem??
    Thanks for the help.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Even if you managed to solve that particular hole, there are still others.

    It’s WAY past time to upgrade to 1.5.2. 😉

    point taken… thanks.

    Based on several updates I’ve done I’d say the time spent on “scanning the files” and “changing names” (plus writing the post here) etc. probably was longer than the update itself would have been 🙂

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘“vulnerability in the XMLRPC module for PHP”’ is closed to new replies.