Pick our brains...

OptimizePress Security Breach – OptimizePress Needs Patching

This important post comes to us from the fine & friendly folks at Shadow Dragon Unlimited.
You can find the original post here.

More news, discussion, informed opinions, and disinformation. Believe what you like, but have the skills to back it up! http://www.warriorforum.com/main-internet-marketing-discussion-forum/882768-optimizepress-1-getting-hacked-ever-day-whats-answer.html

Recently a theme security risk came to light within the OptimizePress Theme which allows for people to upload files to your WordPress blog.

*IMPORTANT* If you are using OtimizePress theme you need to fix this as this hack allows people to upload PHP files to your blog. This is a severe security breach which could adversely affect your blog, your customers, and even your server.

This post here:

WordPress OptimizePress hack (file upload vulnerability) 

details the hack in detail, but here are the basics:

  1.  The problem is in this file: wp-content/themes/OptimizePress/lib/admin/media-upload.php
  2. The hacker simply has to choose a PHP file using the “Upload New Image” section and upload it.

Once a hacker has been able to upload a php file anything is possible and likely. This means that they can upload a script that does pretty much anything they wish to do, such as backdoor, new admin or complete control of your site.

While this may not affect all users, depending on what security measures you may have implemented, you should double check this issue just to make sure.

Robert Neu, writer at WP Bacon, recommends taking these steps to insure your not affected:

  • Change Theme: You should change your theme immediately until you can either upgrade or implement a fix.
  • Patch OptimizePress: If you can’t change themes then implement a fix. by deleting the following file: wp-content/themes/OptimizePress/lib/admin/media-upload.php and After that, you’ll want to also find and delete the files inside the /wp-content/uploads/optpress/images_comingsoon/ directory.

The biggest problem is you just may not ever know if your site was hacked due to this exploit. So in truth, anyone who is using an un-patched version of this theme could already have a hacked file in place.

REPEAT: Your site could already be hacked. 

In order to truly be safe from this potential hack you may want to re-install a complete new installation of WordPress and a new theme. In effect starting over. While this is a drastic measure, it is the only way to insure that you have not been affected by the hack.

Anyone wishing to do true damage will not notify you of their intentions. Which means a true hacker will simply install a file that can install other hacked files. Why have one back door when you can install hundreds of them.

Even if you patch the theme files the damage could already be done. Which means that you might simply be waiting for future trouble even though your theme problems have been fixed. This unfortunately means that you will never know until it is too late if someone uploaded bad files.

If you think your site has been hacked you should prepare for the worst case.