a site that has an implementation of WordPress 1.2.1 was hacked a couple times this week due to this vulnerability (I know I should just upgrade, but don’t have the time right now…) so I was wondering if what I did, solved the problem… I downloaded the latest stable release of the xmlrpc module, when I unzipped the files, I found two files among the many that resembled these two files in wordpress: ‘class-xmlrpcs.php’ and ‘class-xmlrpc.php’. The files were ‘xmlrpcs.inc’ and ‘xmlrpc.inc’. I scanned the files and they looked similar so I simply changed the names and uploaded them. Things seem to work, but was wondering if doing what I did will solve the vulnerability problem??
Thanks for the help.
- The topic ‘“vulnerability in the XMLRPC module for PHP”’ is closed to new replies.