Published by expire0
Posted on July 12, 2009
This caught me by surprise when I ran across this information. There seems to be a exploit in some version of wordpress. The exploit from what I have seen is caused by users using a remote site to post to their blog.
view the blog content using google Reader or via curl will display the spam content
curl --no-sessionid --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)" http://www.example.com
Such sites include windows live writer.
I would recommend taking a look at the wordpress users that are setup on your site . Verify that only approved users have administrative rights. also compare your existing files with the files from the installation zip from wordpress.com ..
Possible error you may see
log Server Error
Server Error -32700 Occurred
parse error. not well formed