Someone seems to have successfully modified the content of a post on the WordPress powered Magpie blog to insert link spam into the content of an existing post. Is there a known vulnerability that allows this? I admit I’ve been remiss in following WordPress security advisories?
Interestingly only one post has been altered, and that post has the distinction of being the post with an embedded Paypal donation button.
I’ve yanked the blog down for now until I have time to figure out what happened. (and I just got LM back online)