We will explain how an infection (tampering) with the WordPress database can cause the files on the site (server) to be tampered with.
Category: WordPress Security Page 4/14
Hackers target vulnerabilities in WordPress to gain various unauthorized access. The most common of these attacks is against admin-ajax.php.
WordPress outputs user login IDs and ID numbers in JSON. Although this is a specification, it may make your site more vulnerable to hackers for security reasons.
We would like to introduce you to the malware that is installed in the top directory of WordPress.
User 123@abc.com, which you don’t remember creating in WordPress, is an admin user that hackers add illegally.
The new WordPress tampering technique, the inclusion of .ccss malware, will be explained.
New SEO hack to register Chinese and product name wordpress search results in Google search results.
We have identified a new method of SEO hack that registers WordPress search results in Chinese and product names in Google search results, and we will explain how to deal with it.
Here’s what to do when spam comments don’t stop spamming URLs and links in WordPress.
You can improve security by preventing the execution of PHP programs in the upload folder of WordPress uploaded images and other folders that contain only static files outside of WordPress.
This section describes the defacing of a WordPress site by adding an unauthorized user.
A case of a fake WordPress vulnerability patch being distributed has been uncovered. This fake security patch is malware, and there are currently reported cases of emails to WordPress administrators containing links to this malware.
More than 90% of WordPress malware has obfuscated PHP programs. This article describes the obfuscation process.
This section describes phishing that displays a fake Google login screen on a WordPress site.
It is dangerous to run a WordPress site and think that it will not be targeted because of low traffic. We will explain why low traffic does not necessarily mean that your site will not be hacked.
A vulnerability in tagDiv Composer, a plugin included with the WordPress Newspaper theme, has been discovered that allows the database to be rewritten.
We have been consulted about a new type of malware that hooks the search results of site searches in WordPress to search engines, and here is a case study of it.
We will introduce the strongest file write permissions (permissions) to prevent malware infection in cases such as repeated malware infections in WordPress.
This section explains how site operators can deal with a red screen on a WordPress site that says “This site may cause damage to your computer.