Today my WordPress 2.7 blog got hacked by a friend of mine. He said he was able to do this and i wouldnt believe him so i took the risk 🙂
He took over my admin account, created a new password for it and changed the e-mail adress of it.
Lucky after all, it was a friend of me, but this should not be possible,… right?
He told me he used sql injection on it. Is this a known bug?
- The topic ‘WordPress 2.7 Admin takeover’ is closed to new replies.