Pressed Words » Trojan http://pressedwords.com News and commentary about all things WordPress Thu, 11 Jun 2009 03:54:22 +0000 en-US hourly 1 http://wordpress.org/?v=4.1 Beware Upgrading to a Fake WordPress 2.6.4 http://pressedwords.com/beware-trojan-wordpress/ http://pressedwords.com/beware-trojan-wordpress/#comments Fri, 07 Nov 2008 12:49:26 +0000 http://pressedwords.com/?p=121 The Register mentions an attack on WordPress blogs that tells users to upgrade to a bogus 2.6.4 version of WordPress.

This attack seems to be taking advantage of the security vulnerability that necessitated WordPress 2.6.3, whereby if an attacker could get control of an RSS feed that you publish on your blog (for example using the RSS widget), he might be able to execute any commands.

]]> http://pressedwords.com/beware-trojan-wordpress/feed/ 1