Helo all!
I was looking at a SEO blog I read and I found this article SEO Egghead by Jaimie Sirovich ยป Latest WordPress 2.3.1 Apparently Vulnerable To Hackers. Looks like in the current version of Wordpress people can upload HTML and hijack your blog and make it do what they want. Not Good!
This is the only place I have seen this, so I do not have a lot to back it up. I did run the plug-in from Jaimie’s blog on my blog and got responses that I belive let me know that my blog was ok.
The plug-in can be a little confusing if you are not a coder. You can go to this link and copy the code off of the page and open up a plain text editor (texedit on the mac will work or word pad on windows), and pasted the copied text in. Then at the bottom of the text you will see an email adress. Change that to your email address. Then save the file as HTMLTaintCheck.php. It is important to save the file as a php file and not as a .txt or it will not work.
Once you have the file saved, upload it to your plug-in directory and go to the admin dashboard and activate it. What I did at this point was to go to the site live and look to make sure it did not screw anything up, and then I checked my email. I found an email from myself saying all was ok.
Then go in and deactivate it. I would check every day or so until Wordpress has come out with a patch for this. Remember, do not leave it running or you will get a ton of emails sent to you, over and over.
If you have any questions or comments on this or how to work out the plug-in just drop a comment and I will get to them as soon as I can.
Thanks for Reading
If you would like to make a comment, please fill out the form below.
