SQL injection in WordPress plugins is a vulnerability in which an attacker can inject and execute malicious SQL code in the site database. This usually happens if user input (such as form data or URL parameters) is not sufficiently checked or filtered before being used in SQL queries.
Effective Prevention Methods for XSS
Cross-site scripting (XSS) vulnerabilities occupy one of the first places in terms of frequency among the vulnerabilities found in WordPress plugins. These vulnerabilities occur when data from a user is not sufficiently cleaned before being displayed on site pages, which allows attackers to inject malicious code such as JavaScript and execute it in visitors’ browsers. XSS attacks can lead to theft of user data, hijacking of sessions, modification of page content, and other types of malicious activity
Cron as the way to re-infect WordPress
Our research team discovered a new type of tricky malware that modifies cron to re-infect a WordPress site. It causes some problems because of its unusual way of infection. Cron is a task scheduler in Unix-based systems that allows specific commands
radio.php infects WordPress
Radio.php is a classic backdoor or shell; it is used to infect and take control of a site. Through this backdoor an attacker is able to, For a note, radios.php is not a part of a standard WordPress setup. How can
Major signs of Malware on an infected WordPress site
Hi guys, I’d like to share some significant signals that tell about infection on a WordPress site. These data have been collected by our research team at CleanTalk. The team reviews up to 10k files weekly as well as we