Every blogger probably knows about the recent WordPress exploit which was pretty big news.  Well, because I didn’t upgrade my WordPress installation right away Traveling Project actually fell victim to the exploit.  How did I know?

When I went to the “Users” section of the Admin Panel I noticed that it said there were two administrators for the blog.  When I checked the list it only showed my administrator account designated as an “admin”.  This was one of the symptoms of the exploit so I knew the blog had been hit.

To fix the exploit I went into the MySQL database for Traveling Project and checked the “Users” table in the database.  I compared the list of users in the table to the list of users in the Admin Panel and deleted the only user not showing in the Admin Panel.  When I refreshed the Admin Panel it changed from showing two admin users to only one admin user, so I knew that user was the culprit and the issue was fixed.  I then updated my WordPress installation to the latest version and changed my admin password just in case.  Luckily there wasn’t any other damage or changes done to Traveling Project.  I still have to go through the old posts and rest of the blog to double check everything though.

So for anyone running WordPress this is just a friendly reminder to update your installations to the latest version!