Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. - Webmasters - Nairaland

Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by hostsleek(m): 2:05pm On Aug 18, 2011
Bad news for just about every WordPress blogger out there. Thousands of WordPress 3.2.1 installations are at risk of being compromised. It has been found that the latest version 3.2.1 of WordPress, an extremely popular suite of tools for powering blogs, is vulnerable to an XSS injection attack which allows users to inject malicious JavaScript as a result of a failure to sanitize the comments field.

Thousands of WordPress websites are being hacked every day.

http://www.hungry-hackers.com/2011/08/xss-injection-vulnerability-in-wordpress-321.html
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 2:11pm On Aug 18, 2011
I guess you should read deeper to see another post

http://www.hungry-hackers.com/2011/08/false-alarm-xss-vulnerability-in-wordpress-321.html

Now summarize for us please.
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by hostsleek(m): 2:16pm On Aug 18, 2011
I have got lots of complaints from people that did upgrade from last week to yesterday.

http://discussion.dreamhost.com/thread-130607.html

Another Thread
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 2:20pm On Aug 18, 2011
And what are their complaints?

Did you run a vulnerability test to ascertain that it is vulnerable to XSS attacks?
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 2:38pm On Aug 18, 2011
I also hope you read this from the URL you pointed out as well.

http://codex.wordpress.org/Hardening_WordPress

You also should know what plugins you use and what code makes them up too. Get all these to safety and when they all fail you, you can raise an alarm; else don't, because further claims from many other posts were all later posted safe again and I am yet to figure out why. I guess after your verification you might end up like them too.

Safe!
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 12:01am On Aug 19, 2011
@OmniPotens what are you saying? My website has been hacked twice now in less than 48 hours.
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 11:07am On Aug 19, 2011
Is your website running on WordPress? What plugins are you using, and how secure is your hosting server too? What satisfies the fact that it was actually the framework that created the loophole and not the running plugins or the insecurity of your hosting server?
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 1:49pm On Aug 19, 2011
Yes, my website is running on WordPress and I think my hosting server is secure. I used some plugins and themes and I think that is how it got hacked, although I am running a fresh installation of WordPress again and trying to secure it better, like:

# protect the htaccess file
<files .htaccess>
order allow,deny
deny from all
</files>

# disable the server signature
ServerSignature Off

# limit file uploads to 10mb
LimitRequestBody 10240000

# protect wp-config.php
<files wp-config.php>
order allow,deny
deny from all
</files>

# who has access, who doesn't
order allow,deny
#deny from 000.000.000.000
allow from all

# custom error docs
ErrorDocument 404 /notfound.php
ErrorDocument 403 /forbidden.php
ErrorDocument 500 /error.php

# disable directory browsing
Options All -Indexes

# redirect old to new
Redirect 301 /old.php http://www.yourblog.com/new.php

# remove category from link
RewriteEngine on
RewriteRule ^category/(.+)$ http://www.yourblog.com/$1 [R=301,L]

# block referring domains ("-" means no substitution, [F] answers 403 Forbidden)
RewriteEngine on
RewriteCond %{HTTP_REFERER} digg\.com [NC]
RewriteRule .* - [F]

# disable hotlinking of images with forbidden or custom image option
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourblog\.com/.*$ [NC]
# exactly one RewriteRule must follow these conditions; with both commented out
# they would attach to the next RewriteRule in the file (the canonical redirect)
RewriteRule \.(gif|jpg)$ - [F]
#RewriteRule \.(gif|jpg)$ http://www.yourblog.com/stealingisbad.gif [R,L]

# php compression - use with caution (only takes effect where PHP runs as the mod_php4 module)
<ifmodule mod_php4.c>
php_value zlib.output_compression 16386
</ifmodule>

# set the canonical url
RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourblog\.com$ [NC]
RewriteRule ^(.*)$ http://www.yourblog.com/$1 [R=301,L]

# protect from spam comments: bounce comment POSTs that carry no on-site referer or an empty user agent
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} /wp-comments-post\.php
RewriteCond %{HTTP_REFERER} !.*yourblog\.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/ [R=301,L]

I hope this would help?
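The last rule set above blocks comment POSTs that have no on-site referer or an empty user agent, and the <files> blocks deny direct requests for wp-config.php and .htaccess. As an added example (not from this post, nor from WordPress or Apache), the Python script below applies the same conditions to Apache combined-format access log lines so that blocked requests can be counted and traced to their source addresses; the log lines and the yourblog.com host name are constructed for the demonstration.

```python
import re

# Constructed sample lines in Apache combined log format (not taken from the original post).
SAMPLE_LOG = """\
203.0.113.5 - - [19/Aug/2011:13:40:01 +0100] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "-"
203.0.113.6 - - [19/Aug/2011:13:40:05 +0100] "POST /wp-comments-post.php HTTP/1.1" 302 0 "http://www.yourblog.com/hello-world/" "Mozilla/5.0"
203.0.113.7 - - [19/Aug/2011:13:41:10 +0100] "GET /wp-config.php HTTP/1.1" 403 212 "-" "curl/7.21"
203.0.113.8 - - [19/Aug/2011:13:41:12 +0100] "GET /.htaccess HTTP/1.1" 403 212 "-" "Mozilla/5.0"
203.0.113.9 - - [19/Aug/2011:13:42:00 +0100] "POST /wp-comments-post.php HTTP/1.1" 302 0 "http://spam.example/" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
SITE_HOST = "yourblog.com"  # assumed site host, the same placeholder the .htaccess above uses
PROTECTED = ("/wp-config.php", "/.htaccess")  # files the <files> blocks deny

def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def classify(rec):
    """Return the reasons the .htaccess rules would reject this request (empty if none)."""
    reasons = []
    if rec["method"] == "POST" and rec["path"].startswith("/wp-comments-post.php"):
        if rec["referer"] in ("", "-") or SITE_HOST not in rec["referer"]:
            reasons.append("comment POST without on-site referer")
        if rec["ua"] in ("", "-"):
            reasons.append("comment POST with empty user agent")
    if rec["path"] in PROTECTED:
        reasons.append("direct request for protected file (%s)" % rec["status"])
    return reasons

def suspicious_requests(log_text):
    """Map each source IP to the list of reasons its requests were flagged."""
    hits = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is not None:
            reasons = classify(rec)
            if reasons:
                hits.setdefault(rec["ip"], []).extend(reasons)
    return hits

if __name__ == "__main__":
    for ip, reasons in suspicious_requests(SAMPLE_LOG).items():
        print(ip, "->", "; ".join(reasons))
```

Point the script at a real access log by replacing SAMPLE_LOG with the file contents; lines that do not match the combined format are skipped rather than misreported.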
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 7:10pm On Aug 19, 2011
I think you need to know where your attack came from.

You also need to harden your WordPress installation too.

Know what plugins you are installing as well. There are even some plugins that will help you with most of these mod_rewrite or .htaccess configurations. Don't forget to check your file permissions too.

In summary, before you come out and claim something is not functional, first of all ensure that you took all necessary precautions to satisfy that errors are not from your end. I think what you should do is just to install only the WordPress framework, then try hacking it. If you easily get that, then you can alert us again. But if after installing all your plugins you hack and succeed, then you can start figuring out where your problem is coming from. I will suggest you try to look into the make-up code of the plugins you are installing. It is not the best to just auto-install them without knowing what the code looks like.

I was thinking you were going to switch to either Joomla or Drupal but you are sticking back to WP.

Safe!
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 9:47pm On Aug 19, 2011
^^^^^ Are you saying Joomla and Drupal are better?
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 12:16am On Aug 20, 2011
Not at all. Your choice. I was only drawing your attention to them in case you hated WordPress.
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 4:45am On Aug 22, 2011
WordPress looks a lil cool, I'm trying to find more space to concentrate on it. Thanks for your views.
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 8:50am On Aug 22, 2011
They are at it again, these hackers won't let me rest... Omni-potens, dual-core, *dhtml, hostsleek
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 8:54am On Aug 22, 2011
Please, how do I get out from this mess? I tried a lot but I think the hack is through the wp- direct
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 11:34am On Aug 22, 2011
What hack attempt was made and what do you think is their target? What plugins did you install? Are you using a theme that's nulled? Hope you checked they don't have any scripts attached which verify domain names, used with their themes to see if they were genuinely purchased? You have to verify all these, ok?

Why not still install only the WordPress framework and see if they'll hack it down too? That will give you an insight into what actually is happening.
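OmniPotens' advice in this and the earlier post comes down to checking file permissions and reading the code of plugins and themes, nulled ones especially. As an added example (not from this thread, nor from WordPress), the Python script below walks a WordPress directory and reports world-writable files, an over-permissive wp-config.php, PHP files under wp-content/uploads, and theme or plugin sources that run obfuscated code through eval(); the sample tree it builds is constructed and deliberately flawed.

```python
import os
import re
import stat
import tempfile

# Signature for obfuscated loaders often found in nulled themes/plugins; a hit is a lead
# to read by hand, not proof of compromise.
SUSPECT_RE = re.compile(rb"eval\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(")
UPLOADS = os.path.join("wp-content", "uploads")

def audit_wordpress(root):
    """Walk a WordPress tree and return sorted (relative path, finding) tuples."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            mode = os.stat(path).st_mode
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if rel == "wp-config.php" and mode & (stat.S_IRGRP | stat.S_IROTH):
                findings.append((rel, "wp-config.php readable by group/others"))
            if rel.startswith(UPLOADS) and name.endswith(".php"):
                findings.append((rel, "PHP file in uploads directory"))
            if name.endswith(".php"):
                with open(path, "rb") as fh:
                    if SUSPECT_RE.search(fh.read()):
                        findings.append((rel, "obfuscated eval() in PHP source"))
    return sorted(findings)

def build_sample_site():
    """Create a constructed, deliberately flawed WordPress-like tree in a temp directory."""
    root = tempfile.mkdtemp(prefix="wp-audit-")
    def put(rel, data, mode):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)
    put("wp-config.php", b"<?php define('DB_NAME', 'blog');", 0o644)         # readable by others
    put("wp-content/themes/nulled/functions.php",
        b"<?php eval(base64_decode('aGVsbG8='));", 0o644)                    # obfuscated loader
    put("wp-content/uploads/2011/08/image.php", b"<?php echo 1;", 0o666)    # PHP in uploads, world-writable
    put("wp-content/themes/clean/index.php", b"<?php get_header();", 0o644)  # nothing to report
    return root

if __name__ == "__main__":
    for rel, finding in audit_wordpress(build_sample_site()):
        print(rel, "->", finding)
```

Run audit_wordpress() against the real document root instead of the sample tree; every finding is a file to inspect, and a clean plugin that trips the eval() signature should be replaced from its official source rather than trusted.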
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 4:06pm On Aug 22, 2011
I installed some plugins like BulletProof Security, AntiVirus, Social Connect, Tweet and Like, and one other SEO plugin. The script is nulled, and when I use the default, it doesn't get hacked...
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by OmniPotens(m): 4:20pm On Aug 22, 2011
Now you can see that you never talked about anything nulled but I brought the issue up because I knew that was another avenue that hacking attempts could come from but in your case I have not said "it is where it came from." See if you can get on without the nulled thing to see if the attacks still come through.
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by WebSurfer(m): 11:35pm On Aug 22, 2011
Yes, I am doing that now, and waiting for like one week to see if that happens again.
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by crossman9(m): 12:22am On Feb 06, 2012
(Yookos)

You own the cosmos

Meaning the universe

Which has been re-interpreted as "You Own the World".
Some computers have gremlins in them, but (Yookos) has Pastor Chris in it, who works for his father the Devil; he overshadows his life?
"Social Networking Tools Made for Cults"
WARNING: ENTER AT YOUR OWN RISK

Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by greenmouse(m): 9:24am On Feb 06, 2012
Bad news, hope this is not true oh.
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by iGuru1(m): 9:51am On Feb 06, 2012
crossman9:

(Yookos)

You own the cosmos

Meaning the universe

Which has been re-interpreted as "You Own the World".
Some computers have gremlins in them, but (Yookos) has Pastor Chris in it, who works for his father the Devil; he overshadows his life?
"Social Networking Tools Made for Cults"
WARNING: ENTER AT YOUR OWN RISK

How dare you post such crap!
Where do you belong?
Re: Wordpress 3.2.1 Is Not Secure So Do Not Upgrade. by crossman9(m): 1:52pm On Feb 06, 2012
Do you think I am promoting this church? I am not. I am pointing out what the abbreviation means. Yookos means, as the church teaches, the earth is the Lord's and the fullness thereof, but it is given unto the sons of men;
they don't own all things like they claim.

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved.