5 Comments

  1. Posted 12/5/2004 at 3:02 am | Permalink

    Thank you for this post. As usual in the WP forums, the fix was not presented in any straightforward way. sigh

  2. Posted 12/5/2004 at 10:48 pm | Permalink

    Glad it’s fixed, it ate all my comments yesterday but I was mainly trying to draw your attention to the problem. Incidentally I can’t install Spam Karma as my ISP (Infomaniak) doesn’t allow exec()for security reasons. The install aborts.. back to square one I suppose. At least I upgraded to WP 1.3 alpha and changed the template.

  3. Posted 12/7/2004 at 6:43 am | Permalink

    Thanks for the fix–Reading the WP support forum was bit foggy

  4. Posted 12/7/2004 at 6:56 pm | Permalink

    mmm.. I was thinking that everyone have faced with this problem should also make the fllowing:

    update wp_options set option_value='‘ where pption_name=’siteurl’;

    where is your actual site url….

  5. Posted 12/12/2004 at 12:02 am | Permalink

    Thanks for this great info - my site was getting knocked down every few hours but since removing those lines it’s been rock solid :-)

    @li

11 Trackbacks

  1. in, but a few clicks later I would find myself faced again with the same nasty situation. Testei a vulnerabilidade no meu prà³prio blog e funcionou: isto fi […]

  2. By blogNessie » WP Security Bug on 12/6/2004 at 8:16 pm
    • permalink) Thanks to Big Pink Cookie for pointing out a WP secutiry problem and Climb to the Stars for an easy to understand fix. […]
  3. By Mountebank » Wordpress bug on 12/8/2004 at 5:34 am

    ;even worse than I could have broken it myself. Luckily there’s a not-too-hard fix, here. Hope that took care of it!

    [...]
    
  4. By Gordon McLean. I am me. Who are you? on 12/8/2004 at 12:29 pm

    ou are using any version ABOVE (NOT including) 1.2, then I’d have a look at this and this. The latter is probably a better explanation. Ohh and not tryi […]

  5. user unintentionally (or intentionally) causing your site to crash. There is a simple fix here. I think it has bee […]

  6. By markhale.org » Wordpress Bug on 12/8/2004 at 4:18 pm

    malicious people can break your blog just by accessing it with a certain URL. Wonderful. The fix is to delete some lines of code from wp-login.php, which is […]

  7. gize. It’s been taken care of and won’t happen again . For those interested, Climb To The Stars has the fix and more info about the problem. […]

  8. By Blog vs. Blog » Wordpress bug on 12/15/2004 at 5:25 am

    led under: Administrivia — Administrator @ 11:36 pm

        I was taken down by a WordPress bug, which apparently started out as a feature. All is fi [...]
    
  9. By CptSaleks Weblog » WordPress patched on 12/20/2004 at 11:50 pm

    can be corrected by changing a few lines from wp-login.php. The procedure is described by climbtothestars.

     Posted: 21.12.2004  in:    G [...]
    
  10. ms there are so messy that I had a hard time figuring out how to fix it. That’s when Stephanie Booth came to the rescue. She has managed to give a much […]

  11. By O'DonnellWeb on 12/28/2004 at 11:21 pm

    Wordpress Warning

    There is a bug in Wordpress 1.2.1 and earlier that allows losers with nothing better to do to hack into…

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*
Contact