Romantic Robot Working on it.

Filed under: WordPress — 13:00 Fri 24 Jun 2005

I’ve checked a few blogs, and some of you are not running the latest version of WP, which is
There IS a security issue with previous versions. It has been reported in the forums, so there will be people out there trying these exploits. Upgrade your blog!

  • Upgrade to
  • Then delete the following files: install.php, install-helper.php, upgrade.php, upgrade-schema.php
  • Install IOError’s Bad Behavior plugin
  • And while you are there, make sure your login password is a good one. Make it at least 8 characters and a mix of numbers, lower-case and upper-case letters. If you have other members with admin privileges, nag them about this too.
  • If you are comfortable working in phpMyAdmin, you should change your ‘table_prefix’. It’s set in the wp-config file, and if you change it only there you will get an error: every table in the database has to be renamed to match the new prefix as well.


  1. Yesterday, while I was browsing through one of Mark’s posts I decided it’s really time to upgrade this blog from WP1.5.1.1. to I did, and it was as smooth as always. Then I thought maybe it would be a good idea to follow his other advice, too: doing something about the spam.

    Pingback by Development Blog — 19:26 Sat 25 Jun 2005

  2. As Mark says, if you’re running a WordPress version earlier than then upgrade (please). An exploit exists and lots of people are being hit! Tags: wordpress

    Pingback by Peter Westwood — 22:22 Sat 9 Jul 2005

  3. Go Mark Go. – Bad Behavior Rocks.

    Comment by westi — 13:33 Fri 24 Jun 2005

  4. […] exploited! 12:44 pm WordPress Asides Tags: wordpress As Mark says, if you’re running a WordPress version earlier than then upgrade (please). […]

    Pingback by Peter Westwood » Upgrade or get exploited! — 13:45 Fri 24 Jun 2005

  5. Hello Mark
    I looked for these files and can’t find them. Some kind person must have done it for me ;)?
    I read somewhere that there was no need to do a full update to Instead just copy over a line of code. Damn if I can remember whose blog I got it from? However it did not change the version number to
    I saved the line of code but erm can’t find it now. Did anyone else do this?
    Bad Behaviour was done last week and stopped comment spam dead.

    spell check gone wonky Mark

    Comment by joss — 17:37 Fri 24 Jun 2005

  6. Follow-up to my previous post. I found the manual fix, which is as follows; here is the link

    Please note this does not update the version number to it just stays as

    1. Open the wp-includes/template-functions-category.php file in a text editor like Wordpad.
    2. Go to around line 103 where it says get_the_category_by_ID.
    3. Create a new line after that and paste in $cat_ID = (int) $cat_ID;

    Comment by joss — 19:22 Fri 24 Jun 2005

  7. That IS the security fix, yes, though there was a glitch or two elsewhere fixed too I think, so a full upgrade is what I would recommend.

    As it stands, with a single line of code someone can fully access your site.

    Comment by Mark — 19:29 Fri 24 Jun 2005

  8. Yes Mark, the way I have read it, it is the security update from WP as per the link I posted. If I am wrong then please do let me know. Sorry if I got it wrong ;(

    Comment by joss — 19:59 Fri 24 Jun 2005

  9. I’ll do mine later, when I get round to reinstalling my FTP client.

    Comment by -slh- — 10:20 Sat 25 Jun 2005

  10. […] attempted UNION exploit For those of you using WordPress, you did heed Mark’s warning, upgraded to WP, and did the other steps that he recommended […]

    Pingback by Careless Thought » attempted UNION exploit — 21:03 Sat 25 Jun 2005
