triptol
Forum Replies Created
-
Forum: Plugins
In reply to: [Plugin: Dynamic Widgets] Missing Argument WarningI updated the plugin today to 1.5.4 seems that the issue is fixed in that version.
Forum: Plugins
In reply to: [Plugin: Dynamic Widgets] Missing Argument Warning@brayne, although I believe your solution will work, I think it is better to change the plugin and don’t mess with the WP internal files.
Changing line 654 in wp-content/plugins/dynamic-widgets/classes/dynwid_class.php from:
$count = $this->wpdb->get_var($this->wpdb->prepare($query));to
$count = $this->wpdb->get_var($this->wpdb->prepare($query,""));also does the trick, but in a nicer way.
Forum: Plugins
In reply to: [Plugin: AJAXed WordPress] Possible attack?Thanks for the reply. I already checked that the .accusin file is not there.
What I think happened is the following. I got hit by the following issue. What I found is that as a result of that hack files got uploaded to (among others) the livepreview directory.
Probably “they” were checking if “they” could still access those files.
Forum: Requests and Feedback
In reply to: Theme-editing exploit?I had the same problem. I only found out after I upgraded to 2.5.1 and decided to completely reinstall my blog (except for the database).
After a little bit more than half a week today I finally got lucky with the post-logger.
<?xml_version = \"1.0\"?> <methodCall><methodName>metaWeblog.getRecentPosts</methodName> <params> <param><value><string>C6CE3FFB3174106584CBB250C0B0519BF4E294</string></value></param> <param><value><string>UserName</string></value></param> <param><value><string>PassWord</string></value></param> <param><value><int>1</int></value></param> </params> </methodCall> 78.90.14.123 /xmlrpc.php May 11, 2008, 11:20 pmThere it was my (now invalid) password from some host in Bulgaria.
Now what should I do with this information?