Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 30

Thread: WordPress Attack Underway: WordPress Users Must Upgrade [ALERT]

  1. #11
    texashiker's Avatar
    texashiker is offline Net Builder
    Join Date
    Mar 2009
    Posts
    262
    Thanks
    1
    Thanked 56 Times in 46 Posts
    People were warned 1 - 2 months ago there were some security updates. There is no reason for not updating.

    If someone did not update, and their site was hacked - I'am sorry but you knew this day would come.

  2. #12
    jakki's Avatar
    jakki is offline Directory Submission Service
    Join Date
    Mar 2009
    Posts
    963
    Blog Entries
    2
    Thanks
    146
    Thanked 90 Times in 74 Posts
    Thanks for warning,

    just update my blog. ")
    Premium Directory :: PR4 Submit Your Link
    Lamrod.org :: Best Product Review and Price Comparison Site One LD :: PR1 Directory



  3. #13
    TopDogger's Avatar
    TopDogger is offline Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,029
    Thanks
    345
    Thanked 901 Times in 689 Posts
    The automatic WordPress update stopped working for me with version 2.8.2. It was working prior to that.

    If you have not been hacked, all that you need to do is to copy the 2.8.4 files over the old files and run /wp-admin/update.php. I just updated a version 2.7 blog and had no problems with the update. Most of my other blogs used newer versions.

    These almost continual WordPress updates are getting to be a real pain in the rear, but this situation shows why it is important to keep up with the updates.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  4. Thanked by:

    bogart (8 September, 2009)

  5. #14
    bogart's Avatar
    bogart is offline Super Moderator
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Thanks
    1,886
    Thanked 776 Times in 609 Posts
    If you are updating and old wordpress 2.5 or older. You should use the new wp-config-sample.php file and copy you db info into it.

    Using the old wp-config.php may give you some problems as there is new info in the more current file.

  6. #15
    A12Alex is offline Newbie Net Builder
    Join Date
    Feb 2009
    Location
    Queensland, Australia.
    Posts
    90
    Blog Entries
    1
    Thanks
    15
    Thanked 9 Times in 6 Posts
    It's not like it's hard to back up the database and click a button...

    Also, read: WordPress › Blog How to Keep WordPress Secure
    My Awesome Signature is awesome...

  7. #16
    Pathan's Avatar
    Pathan is offline Newbie Net Builder
    Join Date
    Aug 2009
    Posts
    42
    Thanks
    6
    Thanked 2 Times in 2 Posts
    I have also just updated all blogs to 2.8.4

  8. #17
    Snak3's Avatar
    Snak3 is offline Moderator
    Join Date
    Jul 2009
    Location
    Undisclosed Location
    Posts
    629
    Thanks
    155
    Thanked 190 Times in 121 Posts
    Just an Update to All : This vulnerability can be exploited only for WP versions between 2.8.0 and 2.8.3

    Here's an article i found on Vladimir Prelovac's(Extremely well-known Wordpress Plugin developer and SEO expert) Blog :

    WordPress versions between 2.8.0 and 2.8.3 have a major security issue which allows anyone (not just hackers, but literally anyone) to change the admin password on your blog in a matter of minutes. Full info can be found *snipped for security reasons*
    Version 2.8.4 was created to remedy that and I hope most of you already upgraded.
    Many people will not click the upgrade link right away and even more will not bother to read the explanation on the development blog about the latest patch.
    My feeling is that in a situation like this where security is severely compromised I feel WordPress should have another mechanism of displaying big red warning advising the user to upgrade immediately or even performing the upgrade by itself.

  9. #18
    Come's Avatar
    Come is offline Building a Twitter Empire
    Join Date
    Dec 2008
    Location
    Martinique, FWI
    Posts
    321
    Blog Entries
    6
    Thanks
    27
    Thanked 43 Times in 36 Posts
    bullshit
    You can reset password, not change it with the one you want.

  10. #19
    Snak3's Avatar
    Snak3 is offline Moderator
    Join Date
    Jul 2009
    Location
    Undisclosed Location
    Posts
    629
    Thanks
    155
    Thanked 190 Times in 121 Posts
    Quote Originally Posted by Come View Post
    bullshit
    You can reset password, not change it with the one you want.
    Resetting is as good as changing as far as you know what the password is and its only you who know it.

  11. #20
    avdo88 is offline Net Builder
    Join Date
    Sep 2009
    Location
    Croatia
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    hmmm..done!! allmost hurt myself..didn't know about that

Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Wordpress Automatic Upgrade Problem
    By Pathan in forum Wordpress
    Replies: 9
    Last Post: 13 September, 2009, 07:39 AM
  2. Replies: 14
    Last Post: 30 August, 2009, 02:33 AM
  3. Replies: 0
    Last Post: 2 August, 2009, 06:59 AM
  4. Wordpress 2.8.1 upgrade mandatory
    By sizzler_chetan in forum Wordpress
    Replies: 3
    Last Post: 11 July, 2009, 21:01 PM
  5. SEO Tip for Wordpress users.
    By mega in forum Promoting
    Replies: 0
    Last Post: 10 May, 2009, 23:58 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •