Skip to content


Wordpress wp-trackback.php flaw

I find it pretty annoying to read through system logs and see that people in Russia appear to be loudly searching for systems vulnerable to a wp-trackback.php flaw. Is this the one from 2005 or the one from 2006, or is this a result of the January 5th, 2007 security warning and 2.0.6 release?

It appears the Russians (or at least Russian speaking users, perhaps someone who is a fan of Belfegor, coming from cedsl.simtel.ru:3128 (Oops 1.5.24 proxy) using 89.19.160.21) are trying the following Google query to find targets:

http://www.google.ru/search?q=inurl:wp-trackback.php&hl=ru&lr=&newwindow=1&start=10&sa=N

Patch, patch, patch

Posted in Security.


One Response

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

  1. Milan says

    Thanks for letting me know about this. I missed the announcement on the WordPress dashboard.



Some HTML is OK

or, reply to this post via trackback.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word