Pawel Szulencki Search Engine Optimization/Marketing blog.
(No Ratings Yet)
Loading ...If you're new here, you may want to subscribe to my RSS feed or follow me on Twitter. Thanks for visiting!
If you upgraded to the latest version of Worppress you should be aware of a security hole which make possible other users to see your plugins, steal informations or even possibly your blog.
Just make a simple Google search for “index of/wp-content/plugins” and you will gain access to over 270 000 (that number may vary depending on location) blogs that have already upgraded to the latest Wordpress version.
To protect you need to create a index.html file and place it in the plugins folder on your server. That way the browser will load the index.html file instead of displaying your plugins folder.
Read the instructions at Mr. Javo blog.
Sphere: Related Content- Tags: WordPress
Other Interesting Entries
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.2 Responses to “Wordpress 2.6 security hole”
Add New Comment
About this blog
Pawel Szulencki is a SEO (Search Engine Optimization) and Marketing certified specialist who is interested in organic SEO, paid campaigns (PPC) and Social Media Marketing channels. (Read more)
Search Engine Marketing Book (1 comments.)
July 29th, 2008 at 11:43 pm
Yes, beware of this….
Pawel Szulencki (24 comments.)
July 30th, 2008 at 10:04 am
When i last checked it still more than 268,000 results showing updated WordPress blogs, yet without security fix, on Google. Thats bad.