Earlier this week I was working in a client’s site and noticed an odd error log in the theme folder. I’ve been seeing a high number of attacks on WordPress sites in the past months, so my spidey sense was on high alert. I downloaded and opened the error log and found four or five identical entries that looked like this:
Note: If you are one of my clients, you can ignore this warning. I’ve already checked your site and updated it where necessary. Rest easy!
Yesterday there was a password breach on WordPress.org that allowed malware to be added to three plugins: WPTouch, AddThis, and W3 Total Cache. The malware was found and removed very quickly and the password hole was plugged.
If your WordPress site is running any of these three plugins, AND if you upgraded them yesterday from your dashboard, you may have gotten the bad versions. Please go back to your dashboard and update them again today. You should see an upgrade notice when you log in.
Make sure that you are running the following versions of the plugins. These are clean:
WPTouch: version 1.9.29
AddThis: version 2.2.0
W3 Total Cache: version 0.9.2.3
Here are links to stories about it in case you want more information: