It doesn’t seem like they gained access to my entire server, because it was only sites running wordpress that were affected, and there are many, many other sites on there. I’ve removed the older versions of WP on the system. What else should I do?
That post was probably from before I updgraded.
There’s a chance there’s an older install of WP on the server somewhere. Is it possible if someone hacks an older version of WP on the same server, that they could gain access to newer versions?
