We will explain the malware (a malicious program that is embedded after a WordPress site is defaced) that uses raw.githubusercontent.com to infect WordPress.
Tag: WordPress plugin Page 2/12
If a page you do not remember creating is registered in Google Search Console, it is possible that your WordPress site was infected with malware and generated a malicious page.
This section explains how to disable WordPress’ standard search function and return a 404 page.
WordPress is a CMS that basically does not hide the user ID = login ID. This means that a hacker attempting to gain unauthorized access to the site can log in as long as they know the password. We will explain how to completely hide your WordPress administrator ID.
A vulnerability affecting 5 million sites has been discovered in the popular WordPress cache plugin LiteSpeed Cache 6.3.0.1 and below. We recommend updating as soon as possible.
This section describes the installation of a fake plugin Super Socialat spreading in WordPress.
We will explain how to investigate unauthorized access to admin-ajax.php in WordPress
Here are five minimum security precautions to take when managing a WordPress site. In our experience, this will prevent more than 90% of hacking attempts.
Here is what to do if you are unable to download a WordPress plugin.
Vulnerability testing of WordPress plugins should be performed on a regular basis. We will explain the reasons for this.
Many of today’s malware spread infection to all folders beyond the domain folders in the server. In this article, we will discuss the infection of initial subdomain folders on unused servers, which is often overlooked.
This section describes a brute force attack that tries and breaks through WordPress users’ passwords by brute force and how to deal with it.
When a site is hacked and defaced, some webmasters generally assume that hackers have targeted your site and infiltrated it with advanced technology, but this is not the case with WordPress. This is not the case with WordPress.
There is a type of WordPress malware that registers fraudulent e-commerce site pages in Google search results without permission. We will explain whether (and when) such malicious search results disappear after the malware is removed.
We have discovered a case of malware (redirect code) being written to the WPCode – Insert Headers and Footers plugin in WordPress.
This section describes a web shell that can be installed via a vulnerability in WordPress.
Here are some ways to test for vulnerabilities in the WordPress mainframe and plugins.
Learn about sitemap injection, which can register incorrect pages from your WordPress site in Google’s search results without your permission, and how to deal with it.
