Reported attack site

Unfortunately some douche decided to ruin my day by exploiting this site via the zero day vulnerability found in thumbtim.php that can allow arbitrary file uploads. Yup, just like many self-hosting WordPress bloggers one of my plugins and themes was using the vulnerable thumbtim.php and ended up taking most of my day to — with the help of other victims — restore the site from with a fresh and shiny clean install. I’ll have to admit that the site being compromised was due to laziness on my part. Even so, its not cool to mess things up for someone with not a lot of time to keep everything in check. Bastards!

View full article »