How hackers create hidden admin users on your WordPress blog.
Very often, when we clean up a hacked WordPress website, we found hidden admin users created by the attackers. In this post, we will see how hackers manage to create and hide them.
Tag: Tutorial
The impact of an XSS vulnerability on WordPress: How hackers exploit XSS vulnerabilities to create admin accounts on your blog.
With a proof of concept and a video, we explain in this post how hackers exploit XSS vulnerabilities in order to create administrator accounts on your blog.
WordPress and the evil RELOCATE.
A few days ago I found the following directive inside the WordPress configuration file of one of our customers: define(‘RELOCATE’, true);
NinjaFirewall (WP Edition) adds PHP backtrace to email notifications.
Starting from version 3.8.3, NinjaFirewall (WP and WP+ Edition) will attach a PHP backtrace to some important email notifications sent to the administrator.
NinjaFirewall and the General Data Protection Regulation (GDPR).
The purpose of this document is to inform you about how to be compliant with the General Data Protection Regulation (GDPR).