Comments on: Troubles with Wild Themes http://www.algorithm.co.il/blogs/security/troubles-with-wild-themes/ Algorithms, for the heck of it Tue, 21 Jun 2011 21:07:08 +0000 hourly 1 http://wordpress.org/?v=3.1.3 By: lorg http://www.algorithm.co.il/blogs/security/troubles-with-wild-themes/#comment-83 lorg Thu, 07 Feb 2008 23:34:44 +0000 http://www.algorithm.co.il/blogs/index.php/security/troubles-with-wild-themes/#comment-83 The problem I'm describing is that the themes are troublesome. The exploit you're talking about is based on a vulnerability in xmlrpc.php, which is part of the wordpress code, not theme code. The problem I’m describing is that the themes are troublesome.

The exploit you’re talking about is based on a vulnerability in xmlrpc.php, which is part of the wordpress code, not theme code.

]]> By: Brian http://www.algorithm.co.il/blogs/security/troubles-with-wild-themes/#comment-82 Brian Thu, 07 Feb 2008 23:26:34 +0000 http://www.algorithm.co.il/blogs/index.php/security/troubles-with-wild-themes/#comment-82 Was it the themes themselves, or sites being hit by this: http://wordpress.org/development/2008/02/wordpress-233/ This was being actively exploited for several weeks, frequently from Chinese owned IP addresses, before the upgrade was available. It allows remote post modification w/o authentication via the XML-RPC interface. Was it the themes themselves, or sites being hit by this:
http://wordpress.org/development/2008/02/wordpress-233/

This was being actively exploited for several weeks, frequently from Chinese owned IP addresses, before the upgrade was available. It allows remote post modification w/o authentication via the XML-RPC interface.

]]>