Security vulnerability? WP Super Cache file deleted during "Pharma Hack"

  • danoc

    (@danoc)


    13 years, 7 months ago

    I’ve gotten attacked by the infamous “Pharma” hack twice in the past week. Not sure the cause, but I’ve noticed that when the attacker strikes, WordPress complains that a WP Super Cache PHP file was deleted. Unfortunately, the error only appears once so I don’t remember the exact file name.

    The attack leaves a file called uploas.php in wp-includes that redirects bots to a pharmaceutical website.

    I don’t know if this is a vulnerability caused by WP Super Cache, but I figured it’s worth pointing out. In the meantime, I’m going to keep looking into it.

    http://ww.wp.xz.cn/extend/plugins/wp-super-cache/

The topic ‘Security vulnerability? WP Super Cache file deleted during "Pharma Hack"’ is closed to new replies.

Tags