wordpress – Page 28 – WindowsTechs.com

Sextortion scammers are hijacking blogs – and victims are paying up

Posted on October 30, 2019 by Danny Bradbury

Sextortion scammers have started hijacking poorly managed or defunct blogs to expand an increasingly profitable business. Continue reading Sextortion scammers are hijacking blogs – and victims are paying up→

Alerts and warnings for WordPress theme. What are the risks associated?

Posted on October 18, 2019 by elievi

I have bought a Wordpress theme and scanned its files on www.themecheck.info. The results show 3 critical alerts and 9 warnings:

Alerts:

Presence of iframes : iframes are sometimes used to load unwanted
adverts and malicio… Continue reading Alerts and warnings for WordPress theme. What are the risks associated?→

user_roles getting deleted from wp_options table in wordpress

Posted on October 6, 2019 by NL3294

I would like some advice on how to troubleshoot a problem on Wordpress/Apache/PHP/MySQL

I am looking at the following:
select *
from wp_options opt
where option_name like ‘%wp_user_roles%’
order by option_name

Yesterday, fo… Continue reading user_roles getting deleted from wp_options table in wordpress→

WordPress site request to /wp-includes/Text/Diff/ yields open directory listing

Posted on October 3, 2019 by zedmelon

Someone requested my site’s (Wordpress/Apache) ‘includes’ directory:

122.51.0.219 – – [03/Oct/2019:18:36:15] “GET /wp-includes/Text/Diff/ HTTP/1.1” 200 736 “-” “-”

Noticing the 200 response, I hit the URL myself and found … Continue reading WordPress site request to /wp-includes/Text/Diff/ yields open directory listing→

WordPress sites hacked through defunct Rich Reviews plugin

Posted on September 26, 2019 by Graham Cluley

An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and–worst of all–malware designed to in… Continue reading WordPress sites hacked through defunct Rich Reviews plugin→

WordPress sites hacked through defunct Rich Reviews plugin

Posted on September 26, 2019 by Graham Cluley

An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and–worst of all–malware de… Continue reading WordPress sites hacked through defunct Rich Reviews plugin→

Hackers are infecting WordPress sites via a defunct plug-in

Posted on September 26, 2019 by Danny Bradbury

If you’re a Wordpress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now. Continue reading Hackers are infecting WordPress sites via a defunct plug-in→

WordPress Hashcat Decrypt / Decryption (I have wp-config.php file)

Posted on September 23, 2019 by Hashtastic

I purposely created a fresh wordpress install to test hashcat against myself and curious if by having the database SQL file along with the wp-config.php file containing 100% of the DB’s credentials (including the salt/keys ge… Continue reading WordPress Hashcat Decrypt / Decryption (I have wp-config.php file)→

WordPress XSS Bug Allows Drive-By Code Execution

Posted on September 13, 2019 by Tara Seals

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. Continue reading WordPress XSS Bug Allows Drive-By Code Execution→

WordPress 5.2.3 fixes new clutch of security vulnerabilities

Posted on September 9, 2019 by John E Dunn

WordPress version 5.2.3 has just appeared on the download pipe featuring half a dozen security fixes and software enhancements. Continue reading WordPress 5.2.3 fixes new clutch of security vulnerabilities→