WordPress Password Hijkack? pwd = W1seb0x50

As I have mentioned before I run several WordPress sites, and on them I have a firewall that reports any odd goings ons. Today a bunch of sites had this warning:

WordPress Firewall has detected and blocked a potential attack!

Web Page:   www.***********.co.uk/wp-login.php
Warning: URL may contain dangerous content!
Offending IP: [ Get IP location ]
Offending Parameter:   pwd = W1seb0x50
This may be a “WordPress-Specific SQL Injection Attack.”

Sometimes these are innocent, this may not be. I suspect at the moment then it is trying to find a vulnerability in an old version of WordPress. Of course, many people get WordPress installed by a web designer, or DIY, and forget about it. So there are many out-of-date versions on the Internet.

Come to think of it, Google Webmaster Tools even alerts its customers when it spots old software.

Anyway. Be careful, update your WordPress.

Just Googled [W1seb0x50] and it appears to be a typical (or atypical) attempt to access a computer by guessing the password. Odd that it comes up a few times.

Leave a Reply

Your email address will not be published. Required fields are marked *