The Default WordPress Administrator Account Is In Use

Alert group: WordPress default “admin” account exists Acunetix WP Security Plugin test: During this test Acunetix looks for the default admin account in the WordPress user list. Repercussions: With the default WordPress administrator account active, a malicious user does not have to guess the username of other accounts with administrative permissions, thereby putting your WordPress security at […]

Read More →

Free WordPress Security Plugin by Acunetix

Do you have a WordPress site? Are you concerned about your site’s security? Then make sure you download the completely free WordPress Security Plugin. Powered by Acunetix, the plugin is a free and comprehensive security tool that helps you secure your WordPress installation and suggests corrective measures for: securing file permissions, security of the database, […]

Read More →

WordPress Caching Plugins Remote PHP Code Execution

Two very popular WordPress caching plugins: WP Super Cache (4,373,811 downloads) and W3 Total Cache (1,975,480 downloads) have been affected by a vulnerability that allows remote users to execute arbitrary PHP code. The affected versions are: WP Super Cache (version 1.2 and below,  version 1.3.x and up are OK) W3 Total Cache (version 0.9.2.8 and below, version 0.9.2.9 is […]

Read More →

WordPress Attack Vectors and Open Amazon S3 Buckets Identified by Acunetix WVS

Recently there were a lot of news reports about an ongoing attack on sites using WordPress software. Attackers are using around 90,000 computers to try to brute force WordPress credentials. All these servers are trying common account names like admin, administrator, test, tom, jessica, … and common passwords like admin, 123456, password, … against a wide rage of […]

Read More →