Exploited Script in WordPress Theme Sends Spam
Rodrigo Escobar Update 11/03/2017: If you want to learn how to secure WordPress, you can read all about it in our new guide. As WordPress continues to…
Browsing Category
WordPress Security
672 posts
Cloned Spam Sites in Subdirectories
Fernando Barbosa In a recent post, we covered how attackers were abusing server resources to create WordPress sites in subdirectories and distribute spam. By adding a complete…
New XM1RPC SEO Spam and Backdoor Campaign
We have been monitoring a new campaign specifically targeting WordPress sites, using hundreds of them for SEO spam distribution. We call it the XM1RPC campaign…
Learning From Buggy WordPress Wp-login Malware
Denis Sinegubko When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up…
Malicious WordPress Subdirectory Installs For SEO Spam
Remediating over 500 infected sites per day, we see attacks executed at varying levels of complexity. The tactics attackers use to compromise a site provide…
WordPress Hack Modifies Core Files to Share Spam
Bruno Zanelato One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without proper security measures in place, even…
Hacked Website Report – 2016/Q2
Daniel Cid Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights…
Hacking WordPress Sites on Shared Servers
A website is only as safe as the weakest link on its shared server. Once a hacker gains access to one site on the server,…
New Guide on How to Fix Hacked WordPress Sites
Alycia Mitchell Our involvement in WordPress security has always been a core part of our mission here at Sucuri. We have teams who actively lend advice on…
Cleaning the Wp-Page Pharma Hack in WordPress
Tony Perez Pharma hacks are common website infections categorized under SEO spam. With pharma hacks, the attacker exploits vulnerable websites to distribute pharmaceutical content to search engines…
SQL Injection Vulnerability in Ninja Forms
Marc-Alexandre Montpas As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the Ninja Forms plugin for WordPress, currently…