WordPress Password Hijkack? pwd = W1seb0x50

As I have mentioned before I run several WordPress sites, and on them I have a firewall that reports any odd goings ons. Today a bunch of sites had this warning:

WordPress Firewall has detected and blocked a potential attack!

Web Page:   www.***********.co.uk/wp-login.php
Warning: URL may contain dangerous content!
Offending IP:   178.137.94.88 [ Get IP location ]
Offending Parameter:   pwd = W1seb0x50
This may be a “WordPress-Specific SQL Injection Attack.”

Sometimes these are innocent, this may not be. I suspect at the moment then it is trying to find a vulnerability in an old version of WordPress. Of course, many people get WordPress installed by a web designer, or DIY, and forget about it. So there are many out-of-date versions on the Internet.

Come to think of it, Google Webmaster Tools even alerts its customers when it spots old software.

Anyway. Be careful, update your WordPress.

Just Googled [W1seb0x50] and it appears to be a typical (or atypical) attempt to access a computer by guessing the password. Odd that it comes up a few times.

Be the first to leave a comment. Don’t be shy.

Join the Discussion

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>