WPSeku is a black box WordPress Security scanner that can be used to scan remote WordPress installations to find security issues and vulnerabilities. Features of WPSeku WordPress Security Scanner WPSeku supports various types of scanning including: Testing for XSS Vulnerabilities Testing for SQL Injection Vulnerabilities Testing for LFI Vulnerabilities Bruteforce login via xmlrpc Username Enumeration […]
wordpress
13 WordPress Security Tips From Acunetix
WordPress has a pretty poor reputation when it comes to security, so here are some WordPress security tips from Acunetix. The WordPress security perception is mostly unfounded sadly, as core WordPress is pretty secure – as long as it’s updated. The same goes for plug-ins and themes, if poorly maintained they are an easy ingress […]
WP Security Audit Log – A Complete Audit Log Plugin For WordPress
WP Security Audit Log is a complete audit log plugin for WordPress, which helps you keep an audit log of everything that is happening on your WordPress and WordPress multisite installation. Ensure user productivity and identify WordPress security issues before they become a security problem. This is claimed to be the most comprehensive user monitoring […]
Plecost – WordPress Fingerprinting Tool
Plecost is a WordPress fingerprinting tool, it can search and retrieve information about the plug-in versions installed in a WordPress installation. It can be used to analyse a single URL or perform an analysis based on the results indexed by Google. Additionally it also displays the CVE code associated with each plug-in vulnerability, if any […]
WordPress Critical Zero-Day Vulnerability Fixed In A Hurry
So this is an interesting announcement due to the discussion points it brings up about responsible disclosure, it seems like in this case a researcher published his findings about a WordPress critical zero-day vulnerability without informing WordPress before hand. And they got it fixed REAL quickly, where as in a previous (pretty similar) case – […]