I’ve always had a habit of ignoring WordPress updates because I have a belief that “if it ain’t broke, don’t fix it!”. Oh boy, that came back to bite me in the ass this morning.
So it began when I got a Google alert that a few of my blog posts had been picked up by Google’s search bots. “Great”, I thought, but wait… those posts looked a bit strange. On closer inspection, they were spam posts for sex performance drugs, using pictures of scantily clad women on my blog!
“How did this happen??” I gasped! The links were coming directly from my blog and the posts used the same theme as my blog!
Well, after much research, I found that there were quite a few security holes that needed to be plugged by the WordPress updates, as well as one in a common plugin called “Timthumb”. The scary thing is that this plugin can be exploited even if it’s in a theme that is not active!
Wow! So I updated my WordPress installation using the “automatic update”, and that got me a fatal error with one of my plugins. A double-whammy in one morning! After almost 2 hours of troubleshooting, things are back to normal. I thought that at the very least, I’d make a blog post out of it in case it helps any of you.
So here are the solutions in case any of you encounter such a horror one day:
If you encounter a fatal error after upgrading to the latest WordPress build, chances are it’s caused by a plugin incompatibility. This effectively locks you out of the admin panel and is quite alarming. But don’t panic! The solution is to identify the offending plugin and deactivate it.
In my case, the culprit causing the fatal error in WordPress was the popular “Popup Domination” plugin.
If you rename a plugin’s folder (for example over FTP), WordPress can no longer find the plugin and all it does is deactivate it. This gets you back into the WordPress admin panel. Then you reactivate the plugins one by one until you find the one that causes the error! Once you know which plugin is the offending one, you can either delete it or replace it with an updated version if one exists.
Now, about how to fix the “Timthumb” vulnerability. I found a simple solution on this post:
Basically, it’s just a matter of locating the “timthumb.php” file and replacing it with this one:
Now, I can’t say if this has permanently fixed the issue, but so far the offending SPAM posts have been removed and everything seems to be back to normal.
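One way to check that no other copy of TimThumb is still lurking in an inactive theme or a plugin, as an added example that is not part of the original post or of TimThumb itself: a POSIX shell inventory of every PHP file under wp-content that mentions TimThumb, with the version each one declares. It assumes the copies still carry the `VERSION` define that timthumb.php ships with; the sample tree at the end is constructed so the script runs offline.

```shell
#!/bin/sh
# Inventory every TimThumb copy under a wp-content directory, including
# themes and plugins that are not active, and report the version each
# file declares. Copies are often bundled under another file name, so
# match on the TimThumb name inside the file rather than on "timthumb.php".
find_timthumb() {
  root="$1"
  find "$root" -type f -name '*.php' -exec grep -l -i 'timthumb' {} + 2>/dev/null |
  while IFS= read -r f; do
    # Pull the value out of: define ('VERSION', '2.8.14');
    ver=$(sed -n "s/.*define *( *['\"]VERSION['\"] *, *['\"]\([^'\"]*\)['\"].*/\1/p" "$f" | head -n 1)
    printf '%s\t%s\n' "$f" "${ver:-unknown}"
  done
}

# Number of TimThumb copies found. A non-zero count after replacing "the"
# timthumb.php means another theme or plugin still ships its own copy.
count_timthumb() {
  find_timthumb "$1" | wc -l | tr -d ' '
}

# Constructed sample tree (not a real site) so the script runs stand-alone.
# On a live install run: find_timthumb /path/to/wp-content
sample=$(mktemp -d)
mkdir -p "$sample/themes/inactive-theme/scripts"
printf "<?php\n// TimThumb script\ndefine ('VERSION', '1.33');\n" > "$sample/themes/inactive-theme/scripts/timthumb.php"
find_timthumb "$sample"
rm -rf "$sample"
```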
From now on, I will definitely make sure to keep WordPress updated – especially if any vulnerabilities have been found and fixed!