Hey guys, one of my Wordpress sites (just a pointless blog that I write in from time to time) was hacked by someone. They didn't do anything as far as I can tell except changed the content of my latest post with "this site was hacked by BLAH BLAH BLAH" with "blah blah blah" being their name/codename/whatever. I was so freaked out when I went to my site and saw that that I immediately deleted the post, and I don't remember who it was. It was "deviL" or "dx" or something along those lines. Anyhoo, anyone have any ideas what might have happened? I'm runing Wordpress 2.0.3, and was thinking about upgrading to the latest 2.1.2. (which I am doing now, as I type this). But anyways, I'm hosted with ixwebhosting.com, and from what I've found on the web, they seem to have problems with crackers hacking their servers. I've also contacted them, but I don't foresee any help from them. I know this is an "throw it out there, see what happens" thread, as I don't have any information for you. I'm not a techie person, but I have a number of Wordpress blog, and this has me worried. The hacker didn't do anything that could harm me, just changed that post, but still, I have other blogs and I'm a little worried now... Any thoughts?
If your only using 2.0.3 then its no wonder you have been hacked, the latest version of the 2.0.x series is 2.0.10. All you have to do is to remain vigilant in updating each time there is a new release.
So are you saying 2.0.3 is vulnerable? Why, how, and when? I need to know more, not just a flippant reply. Thanks.
Well I'm not saying that 2.0.3 is vulnerable, but if it wasn't vulnerable, there must be another reason that they are now up to 2.0.10, most likely on the basis that 2.0.3 is vulnerable. Simply update to the latest version 2.0.10 or 2.1.3
Hmm, okay. I thought you had some info. Oh well, thanks anyway, I am updating, but luckily I didn't quickly update when they released 2.1.1 (the last version, in March), because as it turned out, Wordpress.org ITSELF got hacked, and someone uploaded vulnerable files in the last batch of updates. So if I had updated immediately when they released their last update, I would have just had to update again because that last update was vulnerable. Just sayin'...
Its ideal to update any script you use online when there are updates just to make sure your safe because of any vulnerabilities.
yes it is vulnerable and they warned the community about it a few months ago. Just upgrade to the latest release and things should be ok
Jack , Here is a whole thread about it, There was a script kiddie, that exposed that version http://forums.digitalpoint.com/showthread.php?t=220211&highlight=script+kiddie I hope this was the answer you were looking for.
hey, same problem here but luckly I got it back and I have been using it. I had sent all my blogs in my email too thats why I was thinikng to make new one but i got back. So, it would be better for next time to save your post somewhere else too!