A script kiddie with the username maxymax tried to include a backdoor in WordPress by modifying a file within the twentyeleven theme on the WordPress Github repository. The file was heavily modified to include references to “Saudi Sh31l v1.0”. They then initiated a pull request, asking that their changes be accepted into the core code.
The attempted inclusion was easily caught and dismissed by WordPress developers. It garnered quite a few comments to the commit.
The blatantly obvious changes can be seen by browsing the code. Within the code, a reference to a Twitter account is made @al-swisre The MaxyMax github user account is still enabled but doesn’t have any activity since the commit.
Well, that’s an ambitious attempt to open a ton of WordPress sites to exploitation but it seems this effort has been unsuccessful.