• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

WordPress Security

wordpress-security-blog-category

Read articles related to WordPress security, including the latest WordPress vulnerabilities disclosured in popular plugins and themes. Learn about emerging website malware infections that could impact WordPress, industry reports, and best practices to secure your WordPress websites. If your website has been hacked, check out our guide to clean hacked WordPress sites.

Analyzing a WooCommerce credit card stealer

May 19, 2022Liam Smith

Analyzing a WooCommerce Credit Card Skimmer

The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different ways they obfuscate their payloads to avoid traditional detection. During a recent investigation for an infected WordPress website, we discovered…

Read More about Analyzing a WooCommerce Credit Card Skimmer

Massive JavaScript Injection Campaign Redirects to Ads

May 11, 2022Krasimir Konov

Massive WordPress JavaScript Injection Campaign Redirects to Ads 

Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam pages, or commercial websites with…

Read More about Massive WordPress JavaScript Injection Campaign Redirects to Ads 

WooCommerce Credit Card Stealer Concealed in Fake JPG

May 3, 2022Matt Morrow

WooCommerce Credit Card Skimmers Concealed In Fake Images

Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in past blog posts. Due to…

Read More about WooCommerce Credit Card Skimmers Concealed In Fake Images

April 28, 2022Ben Martin

Hacked Website Threat Report 2021

Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put together this analysis to help…

Read More about Hacked Website Threat Report 2021

April 2022 Sucuri Vulnerability Roundup

April 26, 2022Antony Garand

Vulnerability Roundup – April 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help…

Read More about Vulnerability Roundup – April 2022

Keeping Up with PHP Updates

April 21, 2022Ashley Sand

Keeping Up With PHP Updates

Staying on top of critical security risks and vulnerabilities is imperative for the safety of your website. Some of the types of threats impacting our client sites include injections, broken authentication,…

Read More about Keeping Up With PHP Updates

April 13, 2022Antony Garand

Critical RCE Vulnerability in Elementor WordPress Plugin

Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was released for the Elementor plugin…

Read More about Critical RCE Vulnerability in Elementor WordPress Plugin

April 8, 2022Ben Martin

The Case for 2FA by Default for WordPress

Administrator panel compromises are one of the most common attacks that everyday WordPress website admins face. We work with thousands of clients who have encountered attacks on their websites and…

Read More about The Case for 2FA by Default for WordPress

April 4, 2022Ben Martin

WordPress Overtakes Magento in Credit Card Skimmers

One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for known malicious content and malware…

Read More about WordPress Overtakes Magento in Credit Card Skimmers

April 1, 2022Ben Martin

WordPress Popunder Malware Redirects to Scam Sites

Over the last year we’ve seen an ongoing malware infection which redirects website visitors to scam sites. So far this year our monitoring has detected over 3,000 websites infected with…

Read More about WordPress Popunder Malware Redirects to Scam Sites

March 25, 2022Ben Martin

The Mystery Admin User

One of our clients recently submitted a malware removal request with a curious problem: A mystery admin user kept getting re-created on their website. Try as they might, nothing they…

Read More about The Mystery Admin User

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.