Comments on: Upgrade!

By: Careless Thought » attempted UNION exploit

Careless Thought » attempted UNION exploit — Sat, 25 Jun 2005 20:03:54 +0000

[...] attempted UNION exploit For those of you using WordPress, you did heed Mark’ warning, upgraded to WP 1.5.1.2, and did the other steps that he recommend [...]

By: -slh-

-slh- — Sat, 25 Jun 2005 09:20:54 +0000

Ill do mine later, when I get round to reinstalling my FTP client.

By: joss

joss — Fri, 24 Jun 2005 18:59:52 +0000

Yes Mark, the way I have read it, it is the security update from WP as per link I posted. If I am wrong then please do let me know. Sorry if I got it wrong;(

By: Mark

Mark — Fri, 24 Jun 2005 18:29:30 +0000

That IS the security fix yes, though there was a glitch or two elsewhere fixed I think, so a full upgrade is what I would recommend.

As it stands, with a single line of code someone can fully access your site.

By: joss

joss — Fri, 24 Jun 2005 18:22:23 +0000

follow up to my previous post. I found the manual fix which is as follows; here is the link

Please note this does not update the version number to 1.5.1.2 it just stays as 1.5.1.1

1. Open the wp-includes/template-functions-category.php file in a text editor like Wordpad.
2. Go to around line 103 where it says get_the_category_by_ID.
3. Create a new line after that and paste in $cat_ID = (int) $cat_ID;

By: joss

joss — Fri, 24 Jun 2005 16:37:21 +0000

Hello Mark
I looked for these files and can’t find them, Some kind person must have done it for me ;)?
I read somewhere that there was no need to do a full update to 1.5.1.2 Instead just copy over a line of code. Damn if I can remember who’s blog I got it from ? However it did not change the version number to 1.5.1.2
I saved the line of code but erm can’t find it now. Did anyone else do this ?
Bad behaviour was done last week and stop comment spam dead.

spell check gone wonky Mark

By: Peter Westwood » Upgrade or get exploited!

Peter Westwood » Upgrade or get exploited! — Fri, 24 Jun 2005 12:45:04 +0000

[...] exploited! 12:44 pm Wordpress Asides Tagswordpress As Mark says if your running a wordpress version earlier than 1.5.1.2 then upgrade (please). [...]

By: westi

westi — Fri, 24 Jun 2005 12:33:47 +0000

Go Mark Go. - Bad Behavior Rocks.

By: Development Blog

Development Blog — Wed, 31 Dec 1969 19:00:00 +0000

Yesterday, while I was browsing through one of MarkÃ¢â‚¬â„¢s posts I decided itÃ¢â‚¬â„¢s really time to upgrade this blog from WP1.5.1.1. to 1.5.1.2. I did, and it was as smooth as always. Then I thought maybe would be a good idea to follow his other advice, too: doing something about the spam.

By: Peter Westwood

Peter Westwood — Wed, 31 Dec 1969 19:00:00 +0000

As Mark says if youÃ¢â‚¬â„¢re running a wordpress version earlier than 1.5.1.2 then upgrade (please). An expoit exists and lots of people are being hit! Tags: wordpress