wordpress Do you have a self-hosted blog or website running on WordPress? If so, make sure it’s updated to the current version (2.8.4). (You should see the version that you’re currently running when you login to the Dashboard.)

There is an ongoing attack on sites running older versions of the software, so it’s important to upgrade to avoid the issue. (Blogs hosted on WordPress.com are not affected.)

The following warning comes from Lorelle on WordPress:

There are two clues that your WordPress site has been attacked.

  • There are strange additions to the pretty permalinks, such as: example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))… Look for keywords like “eval” and “base64_decode.”
  • A “hidden” Administrator has been created (which you probably won’t be able to access). Check your site users for “Administrator (2)” or a name you do not recognize.

Any sites not running the current edition are STRONGLY encouraged to upgrade to the latest version WordPress. From what we’ve seen, this attack goes deep into your site and its associated database. WordPress remains an outstanding content management system that we use for many blogs and websites, and it has a strong community that is available to help. Lorelle’s post offers a number of resources to help you get the answers you need.

If you have questions about upgrading your site, please contact us … we’ll be happy to review your setup, no charge.

(All 30 Lines clients running WordPress should already be running 2.8.4. As always, please contact us anytime if you have any questions about your site.)

[gravityform id="14" title="false" description="false"]
<script type="text/javascript">var gform;gform||(document.addEventListener("gform_main_scripts_loaded",function(){gform.scriptsLoaded=!0}),window.addEventListener("DOMContentLoaded",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,initializeOnLoaded:function(o){gform.domLoaded&&gform.scriptsLoaded?o():!gform.domLoaded&&gform.scriptsLoaded?window.addEventListener("DOMContentLoaded",o):document.addEventListener("gform_main_scripts_loaded",o)},hooks:{action:{},filter:{}},addAction:function(o,n,r,t){gform.addHook("action",o,n,r,t)},addFilter:function(o,n,r,t){gform.addHook("filter",o,n,r,t)},doAction:function(o){gform.doHook("action",o,arguments)},applyFilters:function(o){return gform.doHook("filter",o,arguments)},removeAction:function(o,n){gform.removeHook("action",o,n)},removeFilter:function(o,n,r){gform.removeHook("filter",o,n,r)},addHook:function(o,n,r,t,i){null==gform.hooks[o][n]&&(gform.hooks[o][n]=[]);var e=gform.hooks[o][n];null==i&&(i=n+"_"+e.length),gform.hooks[o][n].push({tag:i,callable:r,priority:t=null==t?10:t})},doHook:function(n,o,r){var t;if(r=Array.prototype.slice.call(r,1),null!=gform.hooks[n][o]&&((o=gform.hooks[n][o]).sort(function(o,n){return o.priority-n.priority}),o.forEach(function(o){"function"!=typeof(t=o.callable)&&(t=window[t]),"action"==n?t.apply(null,r):r[0]=t.apply(null,r)})),"filter"==n)return r[0]},removeHook:function(o,n,t,i){var r;null!=gform.hooks[o][n]&&(r=(r=gform.hooks[o][n]).filter(function(o,n,r){return!!(null!=i&&i!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][n]=r)}});</script> <div class='gf_browser_unknown gform_wrapper gform_legacy_markup_wrapper' id='gform_wrapper_14' ><form method='post' enctype='multipart/form-data' id='gform_14' action='/blog/wordpress-under-attack-are-you-effected/' novalidate> <div class='gform_body gform-body'><ul id='gform_fields_14' class='gform_fields top_label form_sublabel_below description_below'><li id="field_14_1" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_14_1"><label class='gfield_label gfield_label_before_complex' >Name<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_complex ginput_container no_prefix has_first_name no_middle_name has_last_name no_suffix gf_name_has_2 ginput_container_name' id='input_14_1'> <span id='input_14_1_3_container' class='name_first' > <input type='text' name='input_1.3' id='input_14_1_3' value='' aria-required='true' /> <label for='input_14_1_3' >First</label> </span> <span id='input_14_1_6_container' class='name_last' > <input type='text' name='input_1.6' id='input_14_1_6' value='' aria-required='true' /> <label for='input_14_1_6' >Last</label> </span> </div></li><li id="field_14_2" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_14_2"><label class='gfield_label' for='input_14_2' >Email<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_email'> <input name='input_2' id='input_14_2' type='email' value='' class='medium' aria-required="true" aria-invalid="false" /> </div></li><li id="field_14_3" class="gfield field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_14_3"><label class='gfield_label' for='input_14_3' >Company</label><div class='ginput_container ginput_container_text'><input name='input_3' id='input_14_3' type='text' value='' class='medium' aria-invalid="false" /> </div></li><li id="field_14_5" class="gfield field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_14_5"><label class='gfield_label' for='input_14_5' >Property Website/Blog</label><div class='ginput_container ginput_container_text'><input name='input_5' id='input_14_5' type='text' value='' class='medium' aria-invalid="false" /> </div></li><li id="field_14_6" class="gfield field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_14_6"><label class='gfield_label screen-reader-text gfield_label_before_complex' ></label><div class='ginput_container ginput_container_checkbox'><ul class='gfield_checkbox' id='input_14_6'><li class='gchoice gchoice_14_6_1'> <input class='gfield-choice-input' name='input_6.1' type='checkbox' value='I&#039;m a current Community Sherpa customer' id='choice_14_6_1' /> <label for='choice_14_6_1' id='label_14_6_1'>I'm a current Community Sherpa customer</label> </li></ul></div></li><li id="field_14_4" class="gfield gform_hidden field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_14_4"><div class='ginput_container ginput_container_text'><input name='input_4' id='input_14_4' type='hidden' class='gform_hidden' aria-invalid="false" value='' /></div></li><li id="field_14_7" class="gfield gform_hidden field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_14_7"><div class='ginput_container ginput_container_text'><input name='input_7' id='input_14_7' type='hidden' class='gform_hidden' aria-invalid="false" value='' /></div></li></ul></div> <div class='gform_footer top_label'> <input type='submit' id='gform_submit_button_14' class='gform_button button' value='Send me the slides!' onclick='if(window["gf_submitting_14"]){return false;} if( !jQuery("#gform_14")[0].checkValidity || jQuery("#gform_14")[0].checkValidity()){window["gf_submitting_14"]=true;} ' onkeypress='if( event.keyCode == 13 ){ if(window["gf_submitting_14"]){return false;} if( !jQuery("#gform_14")[0].checkValidity || jQuery("#gform_14")[0].checkValidity()){window["gf_submitting_14"]=true;} jQuery("#gform_14").trigger("submit",[true]); }' /> <input type='hidden' class='gform_hidden' name='is_submit_14' value='1' /> <input type='hidden' class='gform_hidden' name='gform_submit' value='14' /> <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' /> <input type='hidden' class='gform_hidden' name='state_14' value='WyJbXSIsIjg0ZGZiNzZhNjMyOGJkNWU5NWY3MDVlMzE0Y2Y1ZGVkIl0=' /> <input type='hidden' class='gform_hidden' name='gform_target_page_number_14' id='gform_target_page_number_14' value='0' /> <input type='hidden' class='gform_hidden' name='gform_source_page_number_14' id='gform_source_page_number_14' value='1' /> <input type='hidden' name='gform_field_values' value='' /> </div> <p style="display: none !important;"><label>&#916;<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_2" name="ak_js" value="225"/><script>document.getElementById( "ak_js_2" ).setAttribute( "value", ( new Date() ).getTime() );</script></p></form> </div>