#1 |
OffTheWallflowerChild War Room Member Join Date: 2004 Location: USA
Posts: 2,776
Thanks: 6,161
Thanked 2,625 Times in 1,763 Posts
|
Don't know if you guys saw this in the main forum or not, but in speaking to my host it is a serious security threat.

GO AND UPGRADE ANY VERSION PRIOR TO 2.8.4

Host4Profit has some security in place and has not seen any actual hacks, but did find some attempts. Better safe than sorry - Jeff Houdyshell might* help you if you can't do it yourself. (for a fee) http://www.wordpressmax.com/

http://www.warriorforum.com/main-int...p_referer.html
Leads to explanation: Wordpress MySQL Injection - Permalink hack %&({${eval(base64_decode($_SERVER[HTTP_REFERER]

Here is another report of a previous attack. http://www.warriorforum.com/main-int...-code-url.html

From Wordpress.org:

WordPress 2.8.4: Security Release
Posted August 12, 2009 by Matt. Filed under Releases, Security.

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very annoying.

We fixed this problem last night and have been testing the fixes and looking for other problems since then. Version 2.8.4 which fixes all known problems is now available for download and is highly recommended for all users of WordPress. |
Patricia Brucoli Plug-In Profit Site Helpdesk | |
#2 |
VIP Warrior War Room Member Join Date: 2007 Location: Northern Alberta, Canada
Posts: 1,888
Thanks: 2,392
Thanked 600 Times in 415 Posts
Blog Entries: 357 |
Hi, Patricia: I don't have a WordPress blog (yet), but thanks for posting updates like these, whether WordPress or whatever. It's good to keep each other informed just in case we miss something posted elsewhere. GT |
| |
#3 |
Freelance Proofreader War Room Member Join Date: 2008 Location: Pennsylvania, US
Posts: 1,564
Thanks: 55
Thanked 154 Times in 135 Posts
Blog Entries: 2 |
Thanks for bringing this to our attention, Pat. I've been putting off updating my blogs, but after reading this I'm going to go ahead and do it. I'm in the process of backing everything up now. Thanks! |
| |
#4 |
Graham Maddison War Room Member Join Date: 2008 Location: Khon kaen, Thailand
Posts: 1,337
Thanks: 346
Thanked 318 Times in 192 Posts
|
Thanks Pat, after reading your alert, I have now successfully updated all of my blogs (5 of em). I really appreciate the advice. Graham |
| |
#5 |
Freelance Proofreader War Room Member Join Date: 2008 Location: Pennsylvania, US
Posts: 1,564
Thanks: 55
Thanked 154 Times in 135 Posts
Blog Entries: 2 |
I've now upgraded both of my blogs successfully.
|
| |
#6 |
HyperActive Warrior War Room Member Join Date: 2009 Location: Michigan
Posts: 114
Thanks: 63
Thanked 24 Times in 24 Posts
|
Saw this alert on Facebook where a friend posted this from Mashable: WordPress Attack Underway: WordPress Users Must Upgrade [ALERT]

I just upgraded 12 blogs. Luckily no problems but that was too close a call. Whew!! From now on I'm going to stay current on my Wordpress upgrades. Hope everyone at the forum sees this thread. |
| |
#8 |
HyperActive Warrior Join Date: 2006 Location: The Midwest
Posts: 210
Thanks: 1
Thanked 60 Times in 49 Posts
|
Always back up the database and the wp-content folder before an upgrade. In fact you should have a backup strategy. I have never needed a backup personally but have had many people contact me with lost blogs who didn't.

Back up the database on H4P: Backup WordPress Database

This will show you how to back up the wp-content folder and more: Scheduled Backup Of Your WordPress Blog |
| |
#9 |
HyperActive Warrior Join Date: 2006 Location: The Midwest
Posts: 210
Thanks: 1
Thanked 60 Times in 49 Posts
|
Satya, if you are not seeing a warning on the upper area of the WordPress dashboard then you have the latest version and don't need to upgrade. When you log in to the main dashboard you should see what version you are using, and the latest right now on 9/10/09 is WordPress 2.8.4.
|
| |
#10 |
Active Warrior War Room Member Join Date: 2008 Location: Greenville NC
Posts: 75
Thanks: 86
Thanked 2 Times in 2 Posts
|
Hi Everyone, I just saw the threat about upgrading our WordPress blogs. But how do you do that? Don't you have to back up the blog posts first? I have never done that before. How serious is the threat? Thanks, Dianne
|
| |
#11 |
Advanced Warrior War Room Member Join Date: 2007 Location: Ada, OK, USA
Posts: 910
Thanks: 107
Thanked 336 Times in 222 Posts
|
On your back office left column look for "upgrade". Click that and it will tell you if you need to. If you do, just click upgrade from there and select automatic. It will do it for you. |
| |
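The version check described in posts #9 and #11, automated for someone running several blogs from one hosting account. This is an added example, not part of any post in this thread. It assumes each install records its version in `wp-includes/version.php` as a `$wp_version = '...';` assignment; the function names and the sample directory tree are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

FIXED = (2, 8, 4)  # release the thread says to upgrade to
# Assumption: WordPress core stores its version as  $wp_version = '2.8.4';
VERSION_RE = re.compile(r"""^\s*\$wp_version\s*=\s*['"]([^'"]+)['"]""", re.M)


def parse_version(text):
    """Return (major, minor, patch) from version.php text, or None if absent."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    # Use only the numeric part before any suffix such as '-beta1'.
    nums = re.findall(r"\d+", m.group(1).split("-")[0])[:3]
    if not nums:
        return None
    return tuple(int(n) for n in nums) + (0,) * (3 - len(nums))


def audit(root):
    """Map each install directory under root to 'outdated', 'ok' or 'unknown'."""
    report = {}
    for vfile in sorted(Path(root).glob("**/wp-includes/version.php")):
        ver = parse_version(vfile.read_text(errors="replace"))
        site = vfile.parent.parent.relative_to(root).as_posix()
        if ver is None:
            report[site] = "unknown"  # version not readable: check by hand
        else:
            report[site] = "outdated" if ver < FIXED else "ok"
    return report


def demo():
    """Build a constructed tree of three fake installs and audit it."""
    samples = {"blog1": "<?php\n$wp_version = '2.8.3';\n",
               "blog2": "<?php\n$wp_version = '2.8.4';\n",
               "shop/news": "<?php\n$wp_version = '2.7';\n"}
    with tempfile.TemporaryDirectory() as root:
        for site, body in samples.items():
            d = Path(root, site, "wp-includes")
            d.mkdir(parents=True)
            (d / "version.php").write_text(body)
        return audit(root)


if __name__ == "__main__":
    for site, status in demo().items():
        print(f"{site}: {status}")
```

Point `audit()` at the directory that holds your sites; anything reported as `outdated` or `unknown` should be backed up and upgraded as the posts above describe.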