DISQUS

Hello! banane is using DISQUS, a powerful comment system, to manage its comments. Learn more.

Community Page

www.banane.com Jump to website »

Subscribe
- New Comments
Community
Top Commenters
- banane
  26 comments · 2 points
- directeur
  6 comments · 7 points
- faboomama
  2 comments · 4 points
- thinkspace
  2 comments · 1 points
- sean_mcgee
  2 comments · 1 points
Popular Threads
- Feminism in Web 2.0: Cattiness gets me down.
  3 weeks ago · 2 comments
Recent Comments
- wow--we sure use this site often, don't we :) that's right, you read it correctly: :) now that I know how you read smileys I'll use them often :) :)
  2 weeks ago by mel
  
  in Protected: Book Club
- WOW never thought of this before, China is well known for its herbal medicines. never thought that ginger has certain benefits in fields of medicine.
  2 weeks ago by female libido booster
  
  in Ginseng Oolong
- I wish more people took the time to actually get to know what a person is about *before* they made up their minds. Cattiness is a real drag and there is no need for it. It was pointless in school...
  3 weeks ago by worldofhiglet
  
  in Feminism in Web 2.0: Cattiness gets me down.
- OH hell yes about time someone commented on this! It's hard enough to be respected in a male dominated field, but to have women rip on us too? UGH
  3 weeks ago by woodhouse auto
  
  in Feminism in Web 2.0: Cattiness gets me down.
- My friend Sally & her husband were contesting my redheads theory with blondes. Ainsley Hayes, Donna Moss, later on the other staffer (I haven't gotten there yet). I still think there are...
  1 month ago by banane
  
  in Redheads & Pratfalls

banane

I write about SF, writing, and technology.

Jump to original thread »

WordPress Exploits and Patches

Started by banane · 1 year ago

I’m a big fan of WordPress, except for tonight when I’ve finally decided to conquer the random blog spam that has been happening to some blogs I administer. “WordPress Cookie Authentication Vulernability.” It’s an invisible kind of CSS appended to the bottom of a post, as a form no less. The realization is that the [...] ... Continue reading »

2 comments

Matt
1 year ago

If there is spammy HTML in the footer.php of a theme, it's unlikely that it has anything to do with the cookie thing, it's more likely file permissions and/or an old XML-RPC problem. The cookie thing only applies to you if they've already read your database directly, which is not possible if you're on a secure version, and changing your password protects you if they have. I wouldn't attempt to apply the phpass patch by hand.

reply

banane
1 year ago

Oh- thanks Matt! It's not in the footer, but at the end of a post, the individual post content, which users can't see, you can only see if you "view code" in the interface. I will change the db password, seems like the best idea.

reply

Add New Comment

Returning? Login

DISQUS

Community Page

Subscribe

Community

Top Commenters

Popular Threads

Recent Comments

banane

WordPress Exploits and Patches

2 comments

Add New Comment