There is a security exploit going around, and it could affect anyone not using the most up-to-date version of WordPress at the moment, which is WordPress 2.8.4. Lorelle has a good writeup on how old WordPress versions are under attack. To summarize, here’s what to look out for if you think your WordPress site may have been compromised.
- Unusual additions to your WordPress permalink structure. If you see anything like “eval” and/or “base64_decode” in your URLs, you’ve already been hit.
- This is a real kicker: a hidden admin account. That’s right, the exploit can let the attacker set up a hidden admin account that may not even be displayed in your user list.
This post offers some solutions if you have already been hacked. Remove the extra permalink code in Settings → Permalinks, remove the extra admin account, and (obviously) upgrade to the latest version of WordPress.
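Both warning signs can be checked directly in the database, which matters for the admin account because the user list may not show it. The script below is an added example, not code from the original post: it runs the two checks against an in-memory SQLite stand-in filled with constructed rows (a real WordPress site uses MySQL). It assumes the default `wp_` table prefix, and the account name `sys_maint` is made up.

```python
import sqlite3

SUSPICIOUS = ("eval", "base64_decode")  # strings the post says to look for

def audit(conn, known_admins, prefix="wp_"):
    """Return (suspicious strings in permalink_structure, unexpected admin logins)."""
    if not prefix.replace("_", "").isalnum():  # prefix is spliced into table names
        raise ValueError("unexpected table prefix")
    cur = conn.cursor()
    cur.execute(f"SELECT option_value FROM {prefix}options "
                "WHERE option_name = 'permalink_structure'")
    row = cur.fetchone()
    structure = (row[0] if row and row[0] else "").lower()
    hits = [s for s in SUSPICIOUS if s in structure]
    # Roles live in usermeta as a serialized PHP array; read them from the
    # table itself instead of trusting the user list shown in the admin screen.
    cur.execute(f"SELECT u.user_login FROM {prefix}users u "
                f"JOIN {prefix}usermeta m ON m.user_id = u.ID "
                "WHERE m.meta_key = ? AND m.meta_value LIKE '%administrator%'",
                (prefix + "capabilities",))
    admins = sorted(r[0] for r in cur.fetchall())
    return hits, [a for a in admins if a not in known_admins]

def build_sample_db():
    """Constructed stand-in for a WordPress database (all rows are made up)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_options (option_name TEXT, option_value TEXT);
        CREATE TABLE wp_users (ID INTEGER, user_login TEXT);
        CREATE TABLE wp_usermeta (user_id INTEGER, meta_key TEXT, meta_value TEXT);
        INSERT INTO wp_options VALUES
          ('permalink_structure', '/%year%/%postname%/%&eval(base64_decode(...))%/');
        INSERT INTO wp_users VALUES (1, 'admin'), (2, 'reader'), (3, 'sys_maint');
        INSERT INTO wp_usermeta VALUES
          (1, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}'),
          (2, 'wp_capabilities', 'a:1:{s:10:"subscriber";b:1;}'),
          (3, 'wp_capabilities', 'a:1:{s:13:"administrator";b:1;}');
    """)
    return conn

if __name__ == "__main__":
    hits, unexpected = audit(build_sample_db(), known_admins={"admin"})
    print("permalink contains:", hits or "nothing suspicious")
    print("admin accounts you did not create:", unexpected or "none")
```

Pass `known_admins` the logins you actually created; anything else that comes back with the administrator role is worth a look.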
Has anyone been affected by this exploit? I’m happy to say that out of all of my WordPress sites, I haven’t been hit, although I have still upgraded all of my WordPress installations to the latest version, including Theme Lab, and I highly recommend you do the same (as long as you back up first). Just another reason to keep your WordPress version up-to-date.