Comments on: BIG security issue !

By: alex.rabe

alex.rabe — Sat, 22 Dec 2007 12:57:13 +0000

This is ongoing since May, also my page receive still 100-200 attemps each day…

By: KC

KC — Sat, 22 Dec 2007 01:47:10 +0000

I’m seeing today in the logs that someone (a botnet?) is guessing that I have this plugin installed (and some others too). I notice that this happens time to time — they check on whatever wordpress installations they can find and see if someone hasn’t updated.

By: Websenat » Beitrag » Websenat reloaded 2 (UPDATE)

Websenat » Beitrag » Websenat reloaded 2 (UPDATE) — Sun, 02 Sep 2007 12:09:28 +0000

[…] DoS-Attacken gegen einen Brasilianischen Server benutzt. Das betroffene PlugIn war WordTube von Alex Rabe. Anfang Mai wurde auch schon auf einigen Sites und Blogs über dieses Problem berichtet. Durch […]

By: Fear, WPMU and progress… at alex.rabe

Fear, WPMU and progress… at alex.rabe — Sat, 25 Aug 2007 09:03:36 +0000

[…] but this is also a growing risk that hackers and bad guys review again the code and find another security problem. I fear the day when my plugin is listed on milworm… I do my best to review my own code, but […]

By: wilsen

wilsen — Wed, 22 Aug 2007 22:19:20 +0000

Hi Alex,

things like that happen! I appreciate that you acted that quick and that you mind your plug-in. But “Hacked of London” is right. Because of that I want to recommend this book:

http://www.amazon.de/PHP-Sicherheit-PHP-MySQL-Webanwendungen-sicher-programmieren/dp/3898644502/ref=cm_taf_title_featured?ie=UTF8&tag=tellafriend-20

This book really kicks ass! And if you don’t already know it, it will help you to develop more of these wonderful plug-ins for us

By: site got hacked today!

site got hacked today! — Mon, 13 Aug 2007 16:09:37 +0000

[…] seems like one file of the wordtube plugin was open to GET exploits. i removed the file now, changed all passwords (ftp, sql, wordpress, mint) and hope that i won’t recieve another suspicious email. if you use the same plugin, do so as well (instructions are here). […]

By: Downtime am Wochenende

Downtime am Wochenende — Thu, 26 Jul 2007 09:36:59 +0000

[…] Ich möchte es so sagen: stellt bitte sicher, dass die Plugins eurer Wordpress-Installationen auf dem neusten Stand sind. Sofern ihr sie überhaupt benutzt. Aber auch sonst, denn sonst passieren doofe Dinge… […]

By: boris

boris — Thu, 26 Jul 2007 09:19:58 +0000

hab das sicherheitsproblem am eigenen leib.. ehm, server erfahren und wollte etwas zum thema erzählen.. aber ich sehe ja: das problem ist bekannt und gelöst. bestens

By: alex.rabe

alex.rabe — Mon, 16 Jul 2007 17:02:53 +0000

See my motto… learning by doing

You can trust me , this happend not a second time

By: Hacked of London

Hacked of London — Mon, 16 Jul 2007 10:55:13 +0000

These are really basic XSS attacks. Maybe you should learn to program before you release stuff in future.