Old WordPress Exploits Continue to Make Blogs Vulnerable
By Lorelle VanFossen, posted Jan 19 2010 at 9:00 am | No Comments »
Blog Security reports on an old vulnerability for WordPress versions prior to 2.8.5 DOS (Denial of Service) exploit which continues to make the rounds. Updating to WordPress 2.8.5 resolved the issue.
Reported in October 2009, this exploit involves the wp-trackback.php and could result in the attacker “using up all available memory on the affected blog.”
In September 2009, a worm targeted old WordPress version blogs tore through the web leaving many frustrated and crippled with hacked blogs. The simple task of keeping your blog updated would have protected them from this known risk.
There are a number of growing reports of old version WordPress blogs being hacked. For most upgrading from WordPress 2.8 to WordPress 2.9+ is a seamless task, especially with the built-in upgrade feature.
The WordPress Codex, the online manual for WordPress Users, article on Upgrading WordPress includes all the steps you need to know to bring your WordPress blog up to the latest version, no matter how old it is.
Other tips on upgrading your WordPress blog include Corpocrat – How to manually upgrade WordPress from older versions and WP Beginner – Ultimate Guide to Upgrade WordPress.
You can find more tips and information on recent WordPress vulnerabilities and how to handle them in Old WordPress Versions Under Attack.