Archive | WordPress Security Blog

WordPress Security Blog provides the latest news about WordPress security solutions trends or alerts. We hope this information will help you to harden WordPress and protect your online business or blog from potential threats.

Google Dorking or Google Hacking

Google Dorking can expose your WordPress site vulnerabilities

Google Dorking or Google Hacking is a search technique which involves advanced operators to craft specific search queries. These search queries could provide SERPS (Search Engine Results Pages) with a list of vulnerable sites. Exploitation of the Google Search Engine makes it possible to look up for sensitive data and vulnerable websites without special software […]

Continue Reading 1
WordPress REST-API

WordPress REST API vulnerability makes a tremendous impact on thousands of websites

WordPress REST API got it’s first nasty kick. Latest WordPress security release rolled out on January 26, 2017 (WordPress version 4.7.2). At first, changelog claimed that WordPress Security Release 4.7.2 fixes only three issues. Weak authentication and session management when users without required permissions can access Press This function and assign taxonomy terms. This issue […]

Continue Reading 1

Nine steps to strengthen your WordPress login page security

One of the most frequent attacks your WordPress site will suffer is the brute force attack. Automated software will try and access your site by guessing your login credentials. If you let them, these programs will repeatedly try to login to your site and gain administrator access. If that happens, then your are in trouble – admin access will allow a malicious individual to do more or less whatever they want on your site. It’s not a small problem, every day there are millions of brute force attacks on WordPress sites. (more…)

Continue Reading 0