The most important WordPress vulnerabilities to be aware of are Arbitrary file uploads and SQL injection.
Tag: WordPress database Page 1/6
There have been an increasing number of cases of malicious JAVASCRIPT being embedded in all WordPress posts. Here is how to deal with this malware.
This section describes a web shell that can infect (or be installed by hackers) WordPress.
This section describes injection attacks in which malicious content is inserted into WordPress pages.
What kind of attacks can hackers launch on a WordPress site? We will explain about the following
We will explain why a site is infected with malware in WordPress and moves itself to another site, and why the malicious code comes back after a while, no matter how many times you remove it.
The following are the three vulnerabilities that are most likely to be exploited if discovered on a WordPress site. If your site contains any plug-ins or other components that are vulnerable to these vulnerabilities, we recommend that you take action as soon as possible.
This section describes the features that should be implemented in the WordPress security plugin.
This section describes the problem of wordpress upgrade.php and install.php leaking the wordpress version and how to deal with it.
This is a brief glossary of common vulnerability attacks on WordPress.
If a page you do not remember creating is registered in Google Search Console, it is possible that your WordPress site was infected with malware and generated a malicious page.
Here are five minimum security precautions to take when managing a WordPress site. In our experience, this will prevent more than 90% of hacking attempts.
We would like to talk about whether hacking (tampering) with a WordPress site can lead to a case for damages for users who access the site, based on our experience.
This section describes malware that uses a text copy and paste service in WordPress.
There is a type of WordPress malware that registers fraudulent e-commerce site pages in Google search results without permission. We will explain whether (and when) such malicious search results disappear after the malware is removed.
This section describes a web shell that can be installed via a vulnerability in WordPress.
We are currently unable to update the vulnerability database of our malware scan plug-ins due to the fact that NIST has stopped updating the database.
If you have unused or abandoned WordPress sites on your server, we recommend that you delete them. We will explain the reasons for this and how to delete an abandoned site.
