WordPress Exploit on Milw0rm.

Following yesterdays security announcement for wordpress, a freely available exploit has been published on milw0rm. What this means is… if you haven’t upgraded DO IT NOW, as the amount of attacks will go up very quickly.

If you look through the exploit you can see that it takes advantage of existing user accounts, so a further security option can be to disable the “anyone can register” option… within wordpress admin, click options -> general and “untick” the box. (If it is on and you don’t need it)

Note the explot mentions that it hasn’t been tested on the 2.0.x series, but bare in mind that the wordpress team updated both trees so the chances are it will work, so both 2.1.x & 2.0.x users should upgrade.

rgds,

Nick

One thought on “WordPress Exploit on Milw0rm.

  1. Pingback: More WordPress Exploits on Milw0rm - [LINICKX].com

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>