WordPress just made a post on their blog titled How to Keep WordPress Secure

Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.

I always recommend you be using the latest version and this thing seems to be a nasty little bug. Have heard from a couple friends that they have had this and it is a bear to fox.

Make sure that you have your blogs updated to the latest version.

Keep updated with the latest information


Technorati Tags: security bug WordPress, wordpress, WordPress security, wordpress-upgrade

Tagged with:

Filed under: information

Like this post? Subscribe to my RSS feed and get loads more!