If you are running a self-hosted WordPress blog, please upgrade your WordPress installation NOW.
This warning from Lorelle shows how critical the issue is.
According to Lorelle’s post, old WordPress installations are being attacked (as you read this), and the number grows by the hour. The current version for WordPress is 2.8.4. Check yours. If its not 2.8.4, you are at risk.
How do you know if you’ve been attacked?
Lorelle also mentions two clues:
There are two clues that your WordPress site has been attacked.
There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval†and “base64_decode.â€
The second clue is that a “back door†was created by a “hidden†Administrator. Check your site users for “Administrator (2)†or a name you do not recognize.
Attacked or not, upgrade. NOW.
Thanks Stefan, for the hat tip!
well, i did it based on your recommendation for all 9 of my WP blogs. It did give me more options but I lost my syndication feature where I would put a post on my base site and it would feed to the other blogs in the same category. WP 2.7 didnt like this at all but I am not blaming you for it, the other features and upgrades made the upgrades well worth the time and expense, but it sure acted weird there at first, posts cloning themselves, numbered categories showing up, etc