Support » Everything else WordPress » Weakness in some installations of WP

  • In the last 24 hours I have received emails from folk I know directing me to different wp sites. My friends did not send the emails (their emails were hacked!)but I recognized the impossibility of the addresses as a wp user. The sites were strep throat treatments and Both emails directed me to a page in /wp-content/themes/…..

    I suspect a trojan was lurking

    For general info

Viewing 5 replies - 1 through 5 (of 5 total)
  • It’s not really a wp security issue as from the look of it, the sites’ admin was hacked and someone left a html file with mailicious code in the themes folder

    Yeah, kinda hard to do anything about that.

    If your server’s not secure, we can’t fix it for you.

    I probably didn’t make this clear…my fault,

    I don’t have the problem…double protection on admin etc, I was only saying that s couple of other peoples’ sites had been hacked and as a result of that weird emails are flying about from other peoples’ emails accounts that point you to hacked wp sites where you can get hooked by trojans which in turn hack your email accounts.

    My only problem with hackers has been people leaving iffy files in the word press folder which I only spotted when Norton blocked 2 of them when I was backing up to my local pc. They were sitemaps.php and template-rss.php which I reported a while back.

    Neither did any damage on the server

    Thanks for the replies

    No, I get what you;re saying, but … there’s nothing we can do. You can tell your friends ‘Yo, dawg, you been hacked!’ but it’s not a flaw in WP. If it’s a weakness, it’s in a plugin or the server :/ So pretty much we can say ‘Yeah, it happens. Nothing we can do until they show up and ask for help and can provide details only they have. Sucks.’

    It probably sounds like I’m dismissive. I’m more resigned.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Weakness in some installations of WP’ is closed to new replies.