WordPress Hacked: What to Do When Your Site is Compromised
Rianna MacLeod OK – your WordPress site is hacked. Now what? Questions we frequently get from new users are, “Why was my WordPress site hacked?” and “What…
Browsing Category
WordPress Security
646 posts
Vulnerability & Patch Roundup January 2024
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
How to Find, Change & Protect the WordPress Login URL: A Beginner’s Guide
If you’ve recently launched a WordPress website, you might be asking, “How do I log in to WordPress?” or “Where is my WordPress login located?”…
How to Fix Google Ads Disapproved Due to Malicious or Unwanted Software
Were your Google Ads just disapproved after a website compromise? Or, are you seeing policy violations for malicious or unwanted software in your Google Ads…
Thousands of Sites with Popup Builder Compromised by Balada Injector
Denis Sinegubko On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was…
WordPress Vulnerability & Patch Roundup December 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
Ben Martin One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus…
Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign
On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators. WordPress sites owners had started receiving emails from WordPress.com…
Critical RCE Vulnerability Patched in Backup Migration Plugin
On December 6th, 2023, the WordPress plugin Backup Migration received a critical security patch for a remote code execution vulnerability. Details were released five days…
WPScan Intro: How to Scan for WordPress Vulnerabilities
In this post, we will look at how to use WPScan as a WordPress vulnerability scanner. This security tool provides you with a better understanding…
WordPress Vulnerability & Patch Roundup November 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…