Tag Archive | "wordpress-security"


22 November 2014 | 352 views

Critical XSS Flaw Affects WordPress 3.9.2 And Earlier

So it’s been a while since we’ve talked about any flaws in WordPress – because usually they are pretty dull and require such an obscure set of circumstances, that they are unlikely to ever occur in the wild. The most recent time was this year actually, but was a DoS attack, which is not THAT […]

Continue Reading


11 August 2014 | 2,985 views

XML Quadratic Blowup Attack Blows Up WordPress & Drupal

This was a pretty interesting piece of news for me last week as I was actually affected by it (I think?). It’s an XML Quadratic Blowup Attack that affects both WordPress and Drupal and is quite serious as rather than just crashing the software, it can take down the whole server. It didn’t completely take […]

Continue Reading


18 April 2013 | 6,709 views

Large Scale Botnet Brute Force Password Cracking Against WordPress Sites

There have always been a lot of brute force attempts/bot scans and hacking attempts on WordPress hosted sites (due to flaws in the core and a multitude of insecure plugins) – this site being no exception (they’ve even done some minor damage before). But things appear to have really ramped up recently with a large […]

Continue Reading


03 August 2011 | 11,306 views

Zero-day Vulnerability In TimThumb Image Utility Threatens Many WordPress Sites

This is pretty apt after we wrote about WebsiteDefender – Ensure Your Website Security on Monday, a platform for securing web applications with a focus on WordPress. Today a zero-day in a very commonly used WordPress library hit quite a few news sites. The flaw is in an image utility called TimThumb which is used […]

Continue Reading


01 August 2011 | 11,809 views

WebsiteDefender – Ensure Your Website Security

WebsiteDefender is an online service that monitors your website for hacker activity, audits the security of your web site and gives you easy to understand solutions to keep your website safe. With WebsiteDefender you can: Detect Malware present on your website Audit your web site for security issues Avoid getting blacklisted by Google Keep your […]

Continue Reading


12 July 2011 | 16,809 views

WPScan – WordPress Security/Vulnerability Scanner

WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach (scanning without any prior knowledge of what has been installed etc). Features Username enumeration (from author querystring and location header) Weak password cracking (multithreaded) Version enumeration (from generator meta tag) Vulnerability enumeration (based on version) Plugin enumeration (2220 […]

Continue Reading


12 August 2009 | 53,659 views

WordPress 2.8.3 Admin Reset Exploit

Ah it’s WordPress again, sometimes I wonder how many holes there are in WordPress. I guess a dedicated attacker could find some serious ones with the complexity of the code base. It’s suspected some of the recent high profile breaches have come from WordPress exploits. The latest one to become public is a simple but […]

Continue Reading


31 July 2006 | 6,407 views

WordPress 2.0.4 Released – Fixes Security Issues

Just to let you all know, if you are using WordPress you can upgrade today. The latest stable release of WordPress (Version 2.0.4) is available. his release contains several important security fixes, so it’s highly recommended for all users. We’ve also rolled in a number of bug fixes (over 50!), so it’s a pretty solid […]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·