Vulnerability & Patch Roundup — September 2025
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Browsing Tag
WordPress Plugins and Themes
316 posts
Troubleshooting WordPress: How to Fix the White Screen of Death (WSoD)
Rianna MacLeod Navigating to your WordPress site only to be met with the White Screen of Death (WSoD) can be a daunting experience. This error denies access…
Hidden WordPress Backdoors Creating Admin Accounts
Puja Srivastava During a recent cleanup of a compromised WordPress website, we discovered two different malicious files designed to silently manipulate administrator accounts. Attackers often inject such…
Choosing the Best CMS for Your Needs
Kyle Knight Knowing which is the right CMS is key when launching a new site. Websites are no longer just online brochures; they’re where businesses sell products,…
Vulnerability & Patch Roundup — August 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Locking Down the WordPress Login Page
Due to its flexibility, ease of use, and massive plugin ecosystem, WordPress is a favorite among bloggers, developers, and businesses alike. Given its popularity, attackers…
Malicious JavaScript Injects Fullscreen Iframe On a WordPress Website
Last month, we came across an ongoing JavaScript-based malware campaign affecting compromised websites. The malware injects a fullscreen iframe that silently loads content from a…
WordPress Vulnerability & Patch Roundup — July 2025
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Unauthorized Admin User Created via Disguised WordPress Plugin
Recently at Sucuri, we investigated a malware case reported by one of our clients. Their WordPress site was compromised, and the attacker had installed a…
Uncovering a Stealthy WordPress Backdoor in mu-plugins
Recently, our team uncovered a particularly sneaky piece of malware tucked away in a place many WordPress users don’t even know exists: the mu-plugins folder.…
WordPress Redirect Malware Hidden in Google Tag Manager Code
Last month, a customer contacted us after noticing their WordPress website was unexpectedly redirecting to a spam domain. The redirection occurred approximately 4-5 seconds after…