wp.getUsersBlogs attack/vulnerability

Upon returning to work after the holiday weekend I checked some of the larger sites I manage and one of them has had an attack that lasted the entire weekend. The attacker was attempting to use the wp.getUsersBlogs function and a list of popular usernames and passwords.

visit Stackexchange

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: