Quote:
Originally Posted by 2MuchMark
Ouch! Dude.. I don't know but I think this should have been sent as a PM instead...
|
It's a bit late for that, sending a PM wouldn't ameliorate the issue.
He's using a years old insecure Wordpress install, on an end of life PHP install, with plugins with known security vulnerabilities and there's thousands of automated attacks that have scanned his site over the years and found these problems.
If it was a 0 day I wouldn't post in public, hell even if it was a year old exploit I wouldn't post it, but this is an 8 year old version of Wordpress, 5 year old PHP version and a 7 year old exploited plugin.
I'm not posting anything that's not already been exploited. There are already entrenched backdoors in that site, probably been there for years doing who knows what.