How to report possible security issue?

  • I just went to the plugin page on one of my WordPress 2.7 installations because I was going to upgrade some plugins.

    At the top were two error messages:

    The plugin ../../wp-content/uploads/2006/05/CreepBot.old has been deactivated due to an error: Invalid plugin path.

    The plugin ../../wp-content/uploads/2008/08/apr07-2-300×185.old has been deactivated due to an error: Invalid plugin path.

    Checking the directory referenced in the first error I find a JPEG (CreepBot.jpg) I uploaded and a thumbnail. Both with file modification times of 5-9-06. There is also another file “CreepBot.old” that is 47.6KB. When I open it, its obfuscated PHP code.

    The other referenced file from the error also exists. It is also obfuscated PHP, but it is only about 20KB.

    I’ve removed the files and set them aside and scanned for other files in wp-content with the .old file extention, but didn’t find any.

    I’d love to pass the files and the appropriate section of my access logs to someone who can investigate this further, but I couldn’t find an appropriate means of contact.

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘How to report possible security issue?’ is closed to new replies.