WordPress Backdoor detection

WPSec can now detect at least three different backdoored WordPress plugins. The plugins are: Duplicate Page and Post 2.1.0-2.1.1 No Follow All External Links 2.1.0-2.3.0 WP No External Links 4.2.1-4.3 We recommend that you run the free scan available at www.wpsec.com

WordPress Vulnerability Testing with Nmap

Nmap is one our favorite tool when it comes to security testing (except for WPSec.com). Nmap was created in 1997 by Gordon Lyon aka Fyodor. The current version 7.60 contains about 580 different NSE-scripts (Nmap Scripting Engine) used for different security checks or information gathering and about six of them are related to WordPress. Our first test is to just …

WordPress Vulnerability Testing with Nmap Read More »

WordPress 4.8.2 Security Release

👉 Run a free WordPress Security Scan at WPScans.com > WordPress 4.8.2 is now available for download at WordPress.org. This is a security release for all previous versions and WPScans strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to …

WordPress 4.8.2 Security Release Read More »

New owner

WPScans.com was recently sold on Flippa.com and I would like to introduce myself as the new owner. My name is Jonas Lejon and i’ve been working with Cyber Security since 17 years. The last 7 years I have also been working with WordPress Security. In the past i’ve built several security related web services such …

New owner Read More »