Why are WordPress Websites Targeted by Hackers?
Ashley Sand If you are wondering why your wordpress site keeps getting hacked, or why you’re being targeted by hackers, we’ve compiled some of the top reasons…
Browsing Category
WordPress Security
669 posts
AccessPress Themes Hit With Targeted Supply Chain Attack
Ben Martin Security researchers at Automattic recently reported that the popular WordPress plugin and theme authors AccessPress were compromised and their software replaced with backdoored versions. The…
What Should You do if Your WordPress Site was Hacked?
These days WordPress infections are very common. In 2021, internetlivestats.com counted over 81 million websites hacked. If you’re one of the millions, you need to…
WordPress 5.8.3 Security Release
On January 6th, an important security update was released for the WordPress core addresses four separate vulnerabilities. WordPress website administrators are advised to update their…
Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 / 7.7 Vulnerability: Privilege Escalation, SQL Injection Patched Version: 4.1.5.3 Last week, security researcher at Automattic…
WooCommerce Credit Card Swiper Injected Into Random Plugin Files
It’s that time of year again! While website owners always need to be on guard, the holidays season is when online scams and credit card…
WordPress Admin Creator – A Simple, But Effective Attack
Kayleigh Martin Malicious admin users get added to vulnerable WordPress sites often. This can happen in a variety of different ways, and sometimes the malware that creates…
WooCommerce Skimmer Spoofs Checkout Page
Recently a client of ours was reporting a bogus checkout page appearing on their website. When trying to access their “my-account” page an unfamiliar prompt…
Multistage WordPress Redirect Kit
Recently, one of our analysts @kpetku came across a series of semi-randomised malware injections in multiple WordPress environments. Typical of spam redirect infections, the malware…
Vulnerable Plugin Exploited in Spam Redirect Campaign
Some weeks ago a critical unauthenticated privilege escalation vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. It also allows for arbitrary file…
An Overview of Basic WordPress Hardening
We have discussed in the past how out-of-the-box security configurations tend to not be very secure. This is usually true for all software and WordPress…