Site Hacked by using “Lost Password”

  • Sites are running on 2.7 with only some of the popular plugins all updated.

    I even changed the wordpress prefix table.

    Today..some of my sites were hacked by using the “Forgot Password” function. I received the notification by email.. when I checked the sites were hacked.

    I then deleted everything and changed the login password via phpmyadmin.

    How was it hacked (in general?) Was it done via RFI? code injection, etc.?

    I had a totally different wordpress prefix, install “Login Locked down” plugin.

    Anything else I should do to prevent this in the future?

    Thanks,
    Mike

Viewing 1 replies (of 1 total)

  • I too would like answers about this, I’ve got a developer looking through the logs but this really does look like something which needs some work.

    What add ons did you have installed? From what we can see the hackers got in via the forgot password – don’t know exactly how – and then used the theme manager to upload the new files.

    Would like some answers!

Viewing 1 replies (of 1 total)
  • The topic ‘Site Hacked by using “Lost Password”’ is closed to new replies.