Is this an exploit or what?
-
I was reviewing my web stats and noticed 3 or 4 hits in the last 2 days from widgets.wordpress.com although I cant find anywhere on that site where there is a link to my site.
When i go to widgets.wordpress.com and view the page source I see the following javascript code inside their source:
<script type="text/javascript"> function showNav(el) { el.getElementsByTagName('UL')[0].style.left='auto'; } function hideNav(el) { el.getElementsByTagName('UL')[0].style.left='-999em'; } function pressthis(step) {if (step == 1) {if(navigator.userAgent.indexOf('Safari') >= 0) {Q=getSelection();}else {if(window.getSelection)Q=window.getSelection().toString();else if(document.selection)Q=document.selection.createRange().text;else Q=document.getSelection().toString();}} else {location.href='https://domain.com/wp-admin/post-new.php?text='+encodeURIComponent(Q.toString())+'&popupurl='+encodeURIComponent(location.href)+'&popuptitle='+encodeURIComponent(document.title);}} </script>Why is there javascript in someone elses website trying to post in my admin section? I replaced my domain with “domain.com” in the location.href .
any helpwould be appreciated
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘Is this an exploit or what?’ is closed to new replies.