I’ve just finished upgrading all the core files on my wordpress blog Bolt Mountain, West Virginia. I usually don’t talk too much about that blog here but I found a security issue today that may interest other self hosted wordpress users.
For a while now I have had major spam on my wordpress blog. The spammers were getting into my core files as registered subscribers. Once they were there, they were able to hide links and keywords within the text of my posts. I don’t know exactly how they accomplished altering my post and I don’t know if the latest upgrade addresses the issue. But I will find out. In the meantime, I wrote a post over there today showing you the latest hijacked post. If you run an old version of wordpress you may want to check your posts. Your blog could be sending out all the wrong signals.
Wordpress Warning
