AffiliateSystem.us

Blog

 
 
 
Upcoming-Events
no events
 
  Categories
 
Subscribe in a reader
 

BLOG

Posts Tagged ‘how to install wordpress blog’

Wordpress - Got Hacked? Are You Safe?

Thursday, December 3rd, 2009

I got an email from an internet marketing buddy of mine, with the subject line “Have you been hacked?”

After opening the email I learned that is very successful web site had been hacked by using a back door found in his wordpress installation. If you are using a version of wordpress earlier then 2.8.6 they you maybe vulnerable to attack.

Here’s what is posted on http://wordpress.org

WordPress 2.8.4: Security Release
Posted August 12, 2009 by Matt. Filed under Releases, Security.
Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.
We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress.

WordPress 2.8.6 Security Release
Posted November 12, 2009 by Ryan Boren. Filed under Releases, Security.
2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges.  If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.
The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch.  The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.
Get WordPress 2.8.6.

If you have ever tried to upgrade your wordpress before, you know it’s pretty difficult.
I found a plugin that upgrades your wordpress automatically (Automatic Worpress Upgrade Plugin)

Once installed all you have to do is click on upgrade. Then it takes you through five or six screens of questions (you simply click on continue to the next page). The plugin downloads and installs the new version of wordpress, as well as backs up and updates your SQL database.

Tags: , ,
Posted in Announcements, Free Advertising Techniques, Industry News | 7 Comments »