Security Warning For WordPress Blogs Against Smart Worm

WordPress has warned Administrators of selfhosted wordpress blogs who have not upgraded to latest wordpress 2.8.4 against smart worm. The worm spreads by exploiting and old security vulnerablity.The company is warning that the worm is spreading and it has only been identified bewcasue of flaws in the malware’s design.


“This particular worm, registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then use JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts,”

How to Keep WordPress Secure

The worm’s poor design means that it breaks links on user’s page, alerting them to the fact that something is wrong.

Also Read WordPress 2.8.4 Security Update Released

Leave a Comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.