http://www.psychlinks.net/wordpress-install-file-poses-security-risk/ Reviews and recommended products, resources, software, books, and services, with occasional commentary on SEO, SEM, technology, and the internet. Wed, 16 Mar 2011 03:32:18 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://www.psychlinks.net/wordpress-install-file-poses-security-risk/comment-page-1/#comment-19 djbaxter Tue, 16 Jun 2009 01:42:21 +0000 http://www.psychlinks.net/?p=155#comment-19 Thank you for the heads up on that issue, Phil. Thank you for the heads up on that issue, Phil.

]]> http://www.psychlinks.net/wordpress-install-file-poses-security-risk/comment-page-1/#comment-18 Phil Barnhart | Web Architect Tue, 16 Jun 2009 01:21:09 +0000 http://www.psychlinks.net/?p=155#comment-18 A larger issue may be all of the “readme” and “info” and other files left behind - not just for WordPress and all the plugins and templates, but other apps as well. I recently found in my server logs two strange bots from Chinese IPs that were active looking for readme txt files. If a particular plugin or app version has a vulnerability, it certainly may be more effective to scan the txt files that could indicate versions. A larger issue may be all of the “readme” and “info” and other files left behind – not just for WordPress and all the plugins and templates, but other apps as well. I recently found in my server logs two strange bots from Chinese IPs that were active looking for readme txt files. If a particular plugin or app version has a vulnerability, it certainly may be more effective to scan the txt files that could indicate versions.

]]>