SEO Blogs Hacked & WordPress 2.0.7 To The Rescue
January 17, 2007 by Gaman
In just over a week or so after the release of WordPress 2.0.6, version 2.0.7 is now available for download. It’s recommended that everyone upgrade to this latest version.
Recently a bug in certain versions of PHP came to our attention that could cause a security vulnerability in your blog. We’re able to work around it fairly easily, so we’ve decided to release 2.0.7 to fix the PHP security problem and the Feedburner issue that was in 2.0.6. It is recommended that everyone running WordPress 2.0.6 or lower upgrade to this new version.
Because this is a much smaller update than previous versions, you do not have to update all of WordPress’ files if you’re upgrading from version 2.0.6.
Here is the list of files that have changed since 2.0.6:
We know it sucks to have a release only 10 days after our last one, but we think it’s important enough for your blog to be secure to do it, and hopefully only having to change a few files will make the upgrade easier than normal.
The vulnerability in the previous version of WordPress was exploited by a hacker who had been attacking several SEO blogs. The hit list include
Below is the snapshot taken from Boogybonbon of what the hacker had to say.
Could it be that the hacker is associated with at least one of the site on the hit list? Perhaps it’s a way for him to gain attention and traffic from the SEO community. I don’t know but that’s not impossible.
This vulnerability should be fixed in the 2.0.7 word press upgrade.