• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

APRIL FOOLS: No Serious Security Vulnerability on WordPress 3.x – Remote Command Execution

April 1, 2011David Dede

0
SHARES
FacebookTwitterSubscribe

This post was not real. It was an attempt at humor, as bad as it may seem. The post has been removed, and we understand the concerns. We truly apologize for misleading anyone. There is no vulnerability with WordPress 3.x. WordPress and its development team take serious all security considerations and do a great job of ensuring the WordPress security posture, we were not trying to undermine their hard work.

This is to be taken about as serious as most things on April 1st. Sorry for any inconvenience!

If you have any questions, please contact us at support@sucuri.net

0
SHARES
FacebookTwitterSubscribe

Categories: Vulnerability Disclosure, WordPress Security

About David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Reader Interactions

Comments

  1. Matteo Campofiorito

    April 1, 2011

    april fool? There is no wp-att.php in WordPress installtion 😉

  2. Pothi

    April 1, 2011

    Today is “April 1”!

  3. Unfunny

    April 1, 2011

    I thought April Fools jokes were meant to be funny?

  4. Grafix - logiciel gratuit

    April 1, 2011

    http://www.google.com/search?q=inurl%3A%22wp-att.php%22

    fake :p

  5. Andrea_R

    April 1, 2011

    Not funny, guys.

  6. Jane Wells

    April 1, 2011

    The reason this isn’t funny is that the average WordPress user doesn’t know enough about code security to see that you’re joking, and we’ll spend the day telling people that no, this was not a real security issue, after they freak out because someone told them they read a security warning on a trusted site. Tack on an extra day to the development cycle of 3.2, folks.

  7. Joachim Kudish

    April 1, 2011

    Not exactly the best april’s fool joke, this could seriously backlash

  8. Christopher Ross

    April 1, 2011

    Great to see you guys get into the holiday spirit, unfortunately it’s a little like yelling fire in a movie theatre.

  9. Joen

    April 1, 2011

    It’s too easy to call this attempt at an Aprils Fools joke bad taste & blatant attempt to gather attention.

    No rather, this is an astounding level of irresponsibility by a purported security company. How do you expect customers to take you seriously after this?

    If I were you, I’d consider redacting this and posting a followup.

  10. Eric

    April 1, 2011

    Once I saw the “carefully planned backdoor” comment I knew it was bogus and started to laugh. But then I thought of all my clients who would miss the joke. So funny for me, unfunny for the other 99% of the population who knows nothing about the internal workings of WP. Just a good reminder that everyone should take everything they hear on April 1 with a grain of salt. (The disclaimer should help soothe any lasting issues, too.)

  11. Otto

    April 1, 2011

    A classic April Fools joke would be more obviously a joke. The problem was that this doesn’t read like a joke to an uninformed person.

    In other words, it’s too subtle. Next time be more obvious about it.

  12. Kelvin Lomboy

    April 1, 2011

    People! it’s April Fools Day!! They are not the only security company having fun today.

    http://nakedsecurity.sophos.com/2011/04/01/apple-ipad-vulnerable-to-data-loss-through-substrate-hack/
    https://threatpost.com/en_us/blogs/experts-justin-bieber-virus-spottedbut-sputtering-040111
    http://blog.metasploit.com/2011/04/happy-april-fools-day.html

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

WordPress Security Course

How to Clean a Hacked Website Guide

WordPress Security Guide

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.