WordPress vulnerabilities – no one is safe

by Lee Hopkins on March 27, 2008 · 2 comments

in miscellaneous

Guardian angel Jon Hoel from the PR Junction podcast has pointed out that a really horrible security breach is doing the rounds of WordPress blogs.

Says Jon,

Hi Lee,
The PR agencies may not have come around yet, but the spammers are certainly giving blogs plenty of attention.

Site hack issue as discussed:  HTML appears in your blog posts – invisible on your blog, but shows up on RSS reader and email distribution.

Even the latest versions of WordPress (Version 2.3.3) are vulnerable: http://wordpress.org/support/topic/162092

To ‘harden’ your WordPress blogs, you might want to check out these links as well:
http://codex.wordpress.org/Hardening_WordPress

Thanks, Jon — I’ve installed the AskApache Password Protect plugin across many of the various blogs of mine and my clients, but there are some hassles with some of the hosts who have bizarre hosting arrangements (finger pointed at Melbourne IT in particular – on the one hand they have superb bandwidth allowances, on the other their blog hosting completely and utterly sucks).

Currently listening to: Moby – Hotel – Temptation

  • http://www.ijump.co.nz/ Marie

    Hi Lee,

    Thanks so much for this article we have a wordpress website so it was great to read your post.

    We are your social media cousins here in NZ.

    Keep up the great work in Oz, my sister lives in Adelaide so the next time we’re in the neighbour we’ll come and say HI

    Best,
    Marie

  • http://www.ijump.co.nz Marie

    Hi Lee,

    Thanks so much for this article we have a wordpress website so it was great to read your post.

    We are your social media cousins here in NZ.

    Keep up the great work in Oz, my sister lives in Adelaide so the next time we’re in the neighbour we’ll come and say HI

    Best,
    Marie

Previous post:

Next post: