Ready to get started?Download WordPress


WordPress 2.7 Admin takeover (6 posts)

  1. zvoort
    Posted 6 years ago #

    Hi there,

    Today my WordPress 2.7 blog got hacked by a friend of mine. He said he was able to do this and i wouldnt believe him so i took the risk :)

    He took over my admin account, created a new password for it and changed the e-mail adress of it.

    Lucky after all, it was a friend of me, but this should not be possible,... right?

    He told me he used sql injection on it. Is this a known bug?

  2. Samuel B
    Posted 6 years ago #

    please email security@wordpress.org to verify

  3. The J
    Posted 6 years ago #


    Someone hacked mine too.

    single.php and wp-config got changed/replaced

  4. kchayka
    Posted 6 years ago #

    What is the status of this? I don't want to upgrade if there is a chance my client sites could easily be hacked. I've got clients on both Windows and Linux servers.

  5. zvoort
    Posted 6 years ago #

    Hmz, thank you guys but i won't get an answer from the guy. Still trying, if i got an update i will let you guys know.

  6. Franz Josef Kaiser
    Posted 6 years ago #

    yeah, please kick his a** and get some answers. 2.7 is new and definitely worth an upgrade, but not if i´m hearing that it got hacked a third time...

Topic Closed

This topic has been closed to new replies.

About this Topic