Attack

SQL triggers as WP backdoors

Attackers often exploit wp-config.php to find database credentials and add an admin user. This persistence can be hidden with SQL triggers.

Read
GOOD PRACTICES

The danger of abandoned Wordpress plugins & themes

A lot of Wordpress websites still use deprecated plugins. What is the danger ?

Read
ATTACK

Slow Loris Attack

What is Slow Loris attack ? How to protect from it ?

Read
VULNERABILITY

CVE-2020-15598 : DOS vulnerability for ModSecurity 3

ModSecurity 3.0.X is affected by a DOS vulnerability, due to the way regular expressions execute.

Read