Comments on: WordPress TinyMCE Hack Will Kill Your Blog http://wpcoop.org/wordpress-tinymce-hack-will-kill-your-blog/ Global Association of Wordpress Professionals Thu, 03 Jun 2010 05:06:47 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Nick Armstrong http://wpcoop.org/wordpress-tinymce-hack-will-kill-your-blog/comment-page-1/#comment-142 Nick Armstrong Thu, 03 Jun 2010 05:06:47 +0000 http://wpcoop.org/?p=732#comment-142 Steve, I'm not entirely sold on that. Both the Wiki software AND WordPress (and for that matter, my other PHP installations) that utilize TinyMCE were hacked. My other PHP installations that did not utilize TinyMCE were not hacked. Keep in mind, these were all GoDaddy hosted and BlueHost hosted (mixed bag on both servers). There's a bit of confusion as to how exactly it happens, but the security logs DO show sniffing for TinyMCE and then an execution of some sort. -Nick Steve,

I’m not entirely sold on that. Both the Wiki software AND WordPress (and for that matter, my other PHP installations) that utilize TinyMCE were hacked. My other PHP installations that did not utilize TinyMCE were not hacked. Keep in mind, these were all GoDaddy hosted and BlueHost hosted (mixed bag on both servers).

There’s a bit of confusion as to how exactly it happens, but the security logs DO show sniffing for TinyMCE and then an execution of some sort.

-Nick

]]> By: Steve http://wpcoop.org/wordpress-tinymce-hack-will-kill-your-blog/comment-page-1/#comment-137 Steve Sun, 28 Mar 2010 12:35:35 +0000 http://wpcoop.org/?p=732#comment-137 This is not related in anyway to TinyMCE (tinymce is just javascript), your blog was hacked some other way. This is not related in anyway to TinyMCE (tinymce is just javascript), your blog was hacked some other way.

]]>