WordPress is an open source content management system running on PHP and MySQL, and often used as a blog engine. Specific Wordpress questions are best asked at https://wordpress.stackexchange.com
Questions tagged [wordpress]
290 questions
-3
votes
2 answers
What kind of virus attack is this? And what do I do now?
I have just inherited a running wordpress installation from another agency and the theme (twentyeleven) they are using for my client has been corrupted. This is what most of the theme's php files looks like at the beginning of the file:
What kind…
Amit Erandole
- 129
- 4
-3
votes
1 answer
Wordpress - cleartext admin credentials disclosure
I am testing my own wordpress blog against security issues with wpscan.
Honestly I have never done that before and was shocked after I saw the result.
One vulnerability of my wordpress site is:
[+] WordPress version 3.8 identified from rss…
Carol.Kar
- 95
- 3
-3
votes
2 answers
How high is the security risk if a hacker got your wordpress wp-config.php file and a dump of your database?
If a hacker got a hold of your wordpress wp-config.php file and a dump of your database containing your hashed password? How hard would it take for them to easily cracked your password even if you are using a hard to guess password like…
kuchi
- 105
- 2
-4
votes
1 answer
Can I upload a reverse shell to a website remotely if directory listing is enabled?
Can I upload a PHP reverse shell to a WordPress website if there is a directory listing vulnerability in the website? The condition is that I can see the entire file structure of /wp-includes in a WordPress website and I want to upload a PHP Reverse…
Rohit Arora
- 1
- 1
- 2
-4
votes
1 answer
How can WPscan bruteforce passwords without hitting any limit rate?
I've just watched this video which shows the attacker bruteforcing both usernames and passwords. How can this be achieved without hitting any limit rate? Does it mean that WordPress doesn't provide any limitations by default?
