WP bug solved: ‘WordPress 2.5.1 is available! Please update now’

Earlier this week, I upgraded our blog to WordPress 2.5.1, the latest version of the WordPress blogging software. Although the upgrade was successful and complete, the Admin Dashboard still showed a strip saying “WordPress 2.5.1 is available! Please update now.”

At first, I dismissed it as an annoying bug that will probably go away upon the next release. But after searching the net for more information, this may actually be a symptom of a WordPress vulnerability and the site may have been hacked or SQL injected.

Fortunately, a few online sources have already detailed a solution. I tried it in our blog and after a few hours of 404 Not Found Errors and Database Connection Problems, the problem seems to have been solved.

A WordPress support topic and a post in WordPressPhilippines.org were the most helpful with regard to this problem. The info below shows what I did with our blog.

* Before you do anything, back up your WordPress database and files! Don’t proceed without doing this first. This ensures that you can restore your database from backup should something go wrong with the process. Click here for info on how to back up a WP database.

** To access your WordPress database, use a program such as PhpMyAdmin. If you have cPanel, go to “Databases” and launch PhpMyAdmin.

Delete phantom “WordPress” user

Access your WordPress database and browse the wp_users table. Check if it contains a row with the user_login “WordPress.” Skip this for a while and go to your blog’s Administration Panel > Users. If you don’t see this user in the Manage Users section, it most likely is a phantom user. Go back to your database and delete this “WordPress” user.

Edit “active_plugins” and “deactivated_plugins” under wp_options

Browse the wp_options table in your database. Under the option_name column, look for two entries: “active_plugins” and “deactivated_plugins”. Click the “Edit” button (the pencil icon in phpMyAdmin) for each of those two entries. If you see a weird-looking, long line such as the following (values may differ), delete it and save the new entry.

i:0;s:117:”../../../../../../../../../../../../../../../../../../../../../../tmp/tmpe9aXBg/sess_7eb20536ff5ff4f0a0ba6d2321df5957″;

Make sure you remove only that line. I made the mistake of deleting the entire contents of the “deactivated_plugin” entry and it caused 404 Not Found errors. Fortunately, I have the database backup so I just restored it and started the process again.

Upload WP 2.5.1 files again

The blog was still getting errors after doing the two steps above so I decided to re-upload the WP 2.5.1 files and overwrite the ones in the server. Here’s a nifty guide on how to replace your WordPress files.

Voila! After doing those three things, the annoying “Please update now” reminder disappeared in the Dashboard.

In some cases, that strip still won’t go away. Try the following other suggested solutions and see if they will work for you.

Remove wp-info.txt file

Using any FTP program, access you blog’s directories and see if you can find a wp-info.txt file. This is not a valid WordPress file and, in fact, is said to contain your database usernames, passwords, emails, etc. which can be used to hack your system. If you found it, remove it immediately and change all your passwords.

Delete files ending _new, _old, .pngg, .jpgg, .giff

Scan your folders again and if you see files with the extensions _new.php, _old.php, .php.pngg, .php.jpgg, or .php.giff, delete them. These files are said to be executables that will display a fake “404 Not Found” error when called from a browser, but will display your server information if called from a script with the matching hash from one of the hacked PHP scripts.

Remove extra codes added on PHP files

Check your WordPress php files and see if an extra code was added to the first line.

Wordpress 2.5.1 error

Here’s a sample malicious code although the values may differ in your case.

Remove these lines if you see them in your php files.

Upload WP 2.5.1 files again

Upload WP 2.5.1 files again just to make sure you are using the new (and hopefully) uninfected WordPress files.

Hope this tip works for you and that annoying Dashboard reminder will be gone.

About the Author

PSEi support seen at 6,200 and 6,000 amid weaker Peso

In a not-so-surprising move, the U.S. Federal Reserve (Fed) yesterday raised interest rates by 75 basis points (bps) or 0.75% in a bid to tame rising inflation in the United States. This was the third consecutive 0.75% rate hike by the Fed, which brings the federal funds rate, the central bank’s benchmark interest rate, to ... Read more
blank

Official SWIFT Code of BDO, BPI, Metrobank, Philippine banks

When sending cash remittances or wire transfer to a bank account in the Philippines (such as BDO, BPI, Metrobank, Landbank, DBP, etc.), you’ll surely need the SWIFT Code of the bank. Look no further because you can find all the SWIFT Codes you need in this list! Make sure you’re using the right bank code ... Read more
blank

How to Waive your Credit Card Annual Fee (BDO, BPI, Metrobank, RCBC, Citibank, UnionBank)

Without a doubt, one of the most annoying fees that credit cardholders have to pay is the annual fee. Majority of cardholders are familiar with this fee and majority of us likely pay this grudgingly year after year after year. In the case of my credit card with BPI (Bank of the Philippine Islands), I’m ... Read more
blank

Why Filipinos do not become business owners or entrepreneurs

For a majority of Filipinos, entrepreneurship does not seem to be a typical, expected path. This is not surprising, considering that in school, students are primarily taught to become employees after graduation. Students train for years to become staff workers, reporting to a supervisor, and just waiting to receive their wages or salaries every month. ... Read more
blank

My experience investing in Mutual Funds in the Philippines

I started investing in mutual funds when I was 22 years old. As an Overseas Filipino Worker (OFW) then, I was fortunate to be able to save some money at that young age because of my work abroad. One time while I was on vacation in the Philippines, I saw a large billboard in EDSA ... Read more
blank

Income Tax Tables in the Philippines (2022)

The Philippines’ new tax reform bill, known as TRAIN or Tax Reform for Acceleration and Inclusion, was signed into law on December 19, 2017 and its implementation began on January 1, 2018. What are the new income tax rates under the TRAIN law? How will TRAIN affect income taxes of individuals and corporations? How is the ... Read more
blank

PSE Stocks Performance under each Philippine President (1987-2021)

Did you know that Philippine stocks were able to achieve an astounding growth of 800% in a span of 30 years? From 1987 until 2018, the Philippine Stock Exchange index (PSEi) rose from 1,000 points to a peak of 9,000 points — generating a return of 800% over 30 years. (The PSEi is an index ... Read more
blank

SSL 2022: Salary Increases for Teachers, Nurses, Gov’t Employees

Good news to all government employees! There’s a new round of salary increases beginning January 1, 2022! Millions of employees of the Philippine government — including public school teachers, nurses and staff of government hospitals, and workers in local and national government agencies, etc. — will be getting an automatic salary adjustment this 2022 under ... Read more
blank

PSE Trading Hours in 2022: What time open, when closed?

Before you take the plunge into stock trading and investing, make sure you understand what stocks are and how the Philippine Stock Exchange (PSE) operates. Unlike other investments that are relatively safe, stock trading is risky and loss of money is a possibility. So before you deep dive into the exciting world of stock trading, ... Read more

Price Floor and Price Ceiling of PSE Stocks

Trading bands in the PSE come in two forms: Price Ceiling, or the upper price limit, and Price Floor, or the lower price limit.

10 thoughts on “WP bug solved: ‘WordPress 2.5.1 is available! Please update now’”

  1. @VBIgnacio, that’s the question other people are asking too. This was not the first time, though, because the WordPress server has been hacked before and the files available for download were exploited by a hacker/cracker.

    @Don, in which URL/page did that 404 error appear? The site seems to be ok from our end.

    Reply
  2. nice posts here, I’m looking for the solution on my WP problem and I actually stop from searching for the solution bcoz i was not able to solve it. I’ll try this one. Thanks gid!

    Reply
  3. my website has been hacked! im not a techie and would appreciate any advise yall give. i already contacted the host of the site and says that there are scripts had been executed on php. basically the website now has been exploited. i desperately need your advise. is upgrading would make this site back? thanks!

    yoh

    Reply

Leave a Comment