Comments on: WordPress 2.2 Security Hole: Identity Theft

By: Lloyd Budd

Lloyd Budd — Mon, 02 Feb 2009 14:05:02 +0000

Releasing this as part of WordPresss 2.2.1 is a top priority.

By: UeberTs Thoughts » strange accesses to Wordpress register page

UeberTs Thoughts » strange accesses to Wordpress register page — Thu, 11 Sep 2008 09:24:13 +0000

[...] wonder if it has to do with the current security hole (is there already an exploit ?), an earlier for WordPress 2.2 or simply spam [...]

By: Hindsight… It’s is a wonderful thing! « Lee Kelleher’s Weblog

Fri, 18 Jul 2008 23:03:16 +0000

[...] to say, WordPress 2.2 has an ugly security hole which allows hackers to remotely inject SQL statements into the database. I’d heard about [...]

By: Ness

Ness — Sat, 16 Feb 2008 15:47:23 +0000

Good heavens. I just removed that version thingy!

By: kev

kev — Sun, 07 Oct 2007 23:35:07 +0000

Do yourself a huge favor and take the version number out of your templates

I totally agree with you Tyler. This should be a strong recommandation to any template maker.

BTW, starting from RC1, K2 (the theme I use on this blog) will no longer show the WordPress version number to the user. Sadly, it will be still there in the html code. So it’s a good start but not a solution at all…

By: Tyler

Tyler — Thu, 23 Aug 2007 23:54:18 +0000

Do yourself a huge favor and take the version number out of your templates, no one really needs to know what you’re running. People will just google for vulnerable versions, and can even automate the attack.

By: mhm

mhm — Tue, 17 Jul 2007 13:04:37 +0000

very interesting

By: Prevent Wordpress hacking » Sha dot Com Anak Melayu boleh blog! Mana gadis manis melayu aku?

Wed, 27 Jun 2007 01:47:29 +0000

[...] to WordPress v2.2.1, please do so immediately. There has been bloggers on v2.2 like Hongkiat and coolkevman, who got hacked. The hackers search for blogs with v2.2 keyword string and did their worse. You [...]

By: Don’t get hacked! » Sha Money Maker dot com

Don’t get hacked! » Sha Money Maker dot com — Wed, 27 Jun 2007 00:05:36 +0000

By: PsychoPhil - Drink More Beer

PsychoPhil - Drink More Beer — Fri, 22 Jun 2007 21:18:07 +0000

[...] WordPress 2.2 Security Hole: Identity Theft (tags: security wordpress software internet) – Posted in del.icio.us by del.icio.us trackback [...]