About 60% of WordPress tampering damage is caused by vulnerabilities in the old WordPress itself and plugins. Some of these are 0-day attacks. This is explained here.


What is a program vulnerability?

WordPress is made up of thousands of PHP programs, including plug-ins. Many of these programs process data sent from external sources.

If there is a flaw in the way this data is processed, it is possible, for example, for an external party to send malicious data to the server, write arbitrary files to the server, or edit files.

A bug (or gap) in a program that allows unauthorized processing unintended by the creator is called a vulnerability.

Reference
What is a WordPress program vulnerability?

What is a 0Day attack?

A 0-Day attack is an attack that occurs when no updates are available to close the vulnerability.

The vulnerability itself may not be known.
The vulnerability itself may not be known.

Unfortunately, there is no way to prevent a 0Day attack when no means is provided to close the vulnerability and the vulnerability is not known.
However, since such vulnerabilities are known only to the person who discovered them or to a very small group of people at the time, the probability of being exposed to such an attack is very small.

The danger is to continue to use plug-ins that have known vulnerabilities but for which no security patches are available.

The danger of a 0Day attack is when a vulnerability is known, but no updates have been provided to cover it.

WordPress plug-ins may be left unattended even after vulnerabilities are found, as their creators may have stopped developing them.

In this case, the official WordPress site will stop distributing the plugin or take steps to prevent it from being found by search engines, but the vulnerability will remain in the plugin for sites that are already using it.

Check for vulnerabilities and stop using plug-ins for which no updates have been provided.

If a vulnerability is found, check the plugin’s administration page to see if an update is available for that plugin.

To check for vulnerabilities
You can also search for plug-ins and other plug-ins on WPSCAN.

You can also use the [Free] WordPress:Malware Scanning & Security Plug-in [Malware and Virus Detection and Removal] to check for vulnerabilities.

If a vulnerable plugin has been inactive for an extended period of time, we recommend that you deactivate and remove the plugin. (For a more advanced solution, you can add a program to close only the vulnerability based on the information of the regretted vulnerability.)

Related Posts:

  1. 5 characteristics of sites that are subject to WordPress hacking, hijacking, or defacement.
    At WordPress Doctor, we perform malware removal and security measures on behalf of more than several hundred sites per year. Based on this experience, we would like to share with you the characteristics of sites that have been hacked, hijacked, or defaced....
  2. What is a WordPress injection attack?
    There are various methods by which WordPress can be hacked, the most common of which is called an injection attack. This section describes these injection attacks....
  3. Vulnerability CVE-2023-22622 in WordPress 6.1.1 and below
    Recently, the international vulnerability database NIST has released CVE-2023-22622 as a vulnerability in WordPress 6.1.1 and below. The following is an explanation of the results of our investigation....
  4. How to check individual WordPress plugins for vulnerabilities
    It is said that 60% of WordPress hacks are program (theme or plugin) vulnerabilities. We will explain how to check for vulnerabilities in your plugins individually....
  5. Can a hacker attack on WordPress itself be prevented?
    Our client asked us if we could prevent the attacks themselves, since hackers have not stopped attacking them. Here is an explanation....
  6. Disable updating only certain plugins in wordpress
    This section explains how to rewrite the version to a higher value so that only certain plugins cannot be updated in WordPress....