Wordpress 2.1.1 source backdoored

The Wordpress development team has a notification up on their blog that version 2.1.1 of Wordpress has been compromised, and code was added which allows remote code execution. This happened during a user-level compromise of one of their servers.

While not all 2.1.1 downloads have been affected, they advise that everyone running this version should upgrade to version 2.1.2 immediately. This version is fully verified and is not backdoored.

By way of mitigation, hosting providers that are not aware of the Wordpress versions running across their user base may wish to block access to theme.php and feed.php with a query string of 'ix=' or 'iz='.

More information: Wordpress.org


158 Posts
Mar 4th 2007

Sign Up for Free or Log In to start participating in the conversation!