Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

TygrBright

(20,987 posts)
Mon Feb 6, 2017, 01:38 PM Feb 2017

If you have a WordPress website, PLEASE NOTE: FIX THIS ASAP

>cross-posting in Computer Help and Support<

The recent 4.7.1 release of WordPress software contained a large hole enabling privilege updating and content injection.

They quietly fixed it with the 4.7.2 release-- 'quietly' because it's so big and so easily-exploitable a hole that anyone with the older version is extremely vulnerable and they were hoping to get as many people updated as possible before doing a public "my bad" that would alert crackers to the fun and easy exploit possibilities.

And, sure enough, as soon as the word got out, thousands of sites that hadn't updated were targeted with varying levels of nastiness.

So please, if you have a WordPress site, check to see you are running 4.7.2, and if you find you have the older version, first check to see if you've been hacked: the clue is usually replacement titles on your posts, sometimes they are also redirect links so DO NOT CLICK on any weird-looking titles. Go to WordPress help forums and find this handy guide: https://codex.wordpress.org/FAQ_My_site_was_hacked

Work it through, and then restore from an older content backup, if you have to.

If you haven't been hacked, update to 4.7.2 immediately and thank your lucky stars.

helpfully,
Bright

6 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
If you have a WordPress website, PLEASE NOTE: FIX THIS ASAP (Original Post) TygrBright Feb 2017 OP
Message auto-removed Name removed Aug 2019 #1
Spam deleted by MIR Team thetvbytesoft Oct 2019 #2
Message auto-removed Name removed Nov 2019 #3
Message auto-removed Name removed May 2020 #4
Spam deleted by MIR Team johnolivar Aug 2020 #5
Thanks aleesiazane Aug 2020 #6

Response to TygrBright (Original post)

Response to TygrBright (Original post)

Response to TygrBright (Original post)

Response to TygrBright (Original post)

Response to TygrBright (Original post)

Latest Discussions»Retired Forums»Website, DB, & Software Developers»If you have a WordPress w...