WordPress PHP code injection vulnerability

May 26th, 2006 by Kat Kingsley-Hughes

Secunia is reporting that a vulnerability is present in [tag]WordPress [/tag]2.x which could allow hackers to gain remote access.

This vulnerability has been confirmed in WordPress 2.0.2 and may affect other versions (but not pre-2.0 versions since this doesn’t use cache files).

The current recommendation is that access is restricted to the following directories:

  • wp-content/cache/userlogins/
  • wp-content/cache/users/

This entry was posted on Friday, May 26th, 2006 at 3:38 pm and is filed under Wordpress. Both comments and pings are currently closed.

Comments are closed.

%d bloggers like this: