Title: thread7's Replies | WordPress.org --- # thread7 [ ](https://wordpress.org/support/users/thread7/) * [Profile](https://wordpress.org/support/users/thread7/) * [Topics Started](https://wordpress.org/support/users/thread7/topics/) * [Replies Created](https://wordpress.org/support/users/thread7/replies/) * [Reviews Written](https://wordpress.org/support/users/thread7/reviews/) * [Topics Replied To](https://wordpress.org/support/users/thread7/replied-to/) * [Engagements](https://wordpress.org/support/users/thread7/engagements/) * [Favorites](https://wordpress.org/support/users/thread7/favorites/) Search replies: ## Forum Replies Created Viewing 5 replies - 1 through 5 (of 5 total) * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [My site was Hacked](https://wordpress.org/support/topic/my-site-was-hacked-1/) * Thread Starter [thread7](https://wordpress.org/support/users/thread7/) * (@thread7) * [16 years, 8 months ago](https://wordpress.org/support/topic/my-site-was-hacked-1/#post-1206476) * Thanks jdembowski. If you read your reply again carefully you prove my point. # 1. Your first link (to [http://wordpress.org/support/topic/307660](http://wordpress.org/support/topic/307660)) states that all security problems are with older versions of WordPress. I’ve already stated in this thread several times that I was using the most recent version. * #2. There is no sticky thread in this forum stating that if you’ve been hacked to send your logs to [security@wordpress.org](https://wordpress.org/support/users/thread7/replies/security@wordpress.org?output_format=md). None of the links that people have provided or I’ve found myself ever mentioned to do this. I would think that should be a little easier to find, don’t you? * That is why I am saying security in WordPress isn’t being taken as seriously as it needs to be. I’d guess the 5,000 other sites that were hacked by the same guy would agree. * Don’t believe me? I Googled the guy and here are several other sites that were hacked, all using WordPress 2.8+. [http://www.ecolifeadvisors.com/](http://www.ecolifeadvisors.com/)– WordPress 2.8 [http://unlimitediphoneapps.com/](http://unlimitediphoneapps.com/)– WordPress 2.8 [http://spyera.com/tag/sms](http://spyera.com/tag/sms) – WordPress 2.8.4 [http://chodely.com](http://chodely.com) – WordPress 2.8.3 * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [My site was Hacked](https://wordpress.org/support/topic/my-site-was-hacked-1/) * Thread Starter [thread7](https://wordpress.org/support/users/thread7/) * (@thread7) * [16 years, 8 months ago](https://wordpress.org/support/topic/my-site-was-hacked-1/#post-1206445) * I search these forums and I can’t find good discussions about protecting against vulnerabilities. I follow the links provided by the people above who were kind enough to answer me, and there is a lot of good information on those sites. I’ve followed the recommendations. But frankly a lot of that information is a year old. I still have no idea how I was hacked if I had version 2.8.4. If I do a Google search for my culprit – [hackerpro79@yahoo.com](https://wordpress.org/support/users/thread7/replies/hackerpro79@yahoo.com?output_format=md)– I get 5000 results! Thousands of other sites were hacked just like mine yet he/ she isn’t even mentioned once in these forums. And still this forum is so busy that my post can’t stay on the front page for longer than 45 minutes. I just think there is a big problem and no one is addressing it. I want to get a discussion going. Either a WordPress developer will notice and investigate the problem or a forum admin will realize there needs to be a forum dedicated to security. I used to use an ASP based forum package and it was riddled with security holes that were always addressed too little too late. I finally had to stop using it. Since I’ve discovered WordPress I like it and want to keep using it. But if security isn’t given enough attention I’ll be faced without a tough decision. * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [My site was Hacked](https://wordpress.org/support/topic/my-site-was-hacked-1/) * Thread Starter [thread7](https://wordpress.org/support/users/thread7/) * (@thread7) * [16 years, 8 months ago](https://wordpress.org/support/topic/my-site-was-hacked-1/#post-1206421) * Hmmm. Once thing that is too bad is that just about all the plug-ins that help you with security are out of date and untested with 2.8.4. Especially: Chap Secure Login WordPress Exploit Scanner AskApache Password Protect WP Security Scan * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [My site was Hacked](https://wordpress.org/support/topic/my-site-was-hacked-1/) * Thread Starter [thread7](https://wordpress.org/support/users/thread7/) * (@thread7) * [16 years, 8 months ago](https://wordpress.org/support/topic/my-site-was-hacked-1/#post-1206407) * bump * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [My site was Hacked](https://wordpress.org/support/topic/my-site-was-hacked-1/) * Thread Starter [thread7](https://wordpress.org/support/users/thread7/) * (@thread7) * [16 years, 8 months ago](https://wordpress.org/support/topic/my-site-was-hacked-1/#post-1206394) * I have two plug-ins that are active: Simple Sidebar Navigation ver 2.1.0 (2.1.2 is available) All in One SEO Pack ver 1.6.4.1 (1.6.5 is available) * I have 3 more plug-ins that are inactive: Featured Content Gallery Hello Dolly Akismet ver 2.2.6 * I don’t have any forums. Are the plug-ins the more likely culprit? Both active ones were not updated to the most recent version. Viewing 5 replies - 1 through 5 (of 5 total)