Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
v_prokopenko2016-11-17 11:07:47
Burglary protection
v_prokopenko, 2016-11-17 11:07:47

New wordpress vulnerability?

The user [email protected] registered on three WordPress sites within one night with a spread of several hours and received administrator rights.
And:
1. On all sites there were different versions of WordPress, on one the latest, on two - outdated for half a year.
2. All sites on one hosting.
3. FTP and phpmyadmin access to all sites has been closed.
4. User registration in WordPress was prohibited.
5. Hosting technical support did not detect brute force attempts, etc.
6. The sites have approximately the same set of plugins, but there were no problems with them before.
The question is in what direction to dig, how is this possible?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
D
Dmitry, 2016-11-17
@dimasmagadan

Where did you download templates for websites?

Report
O
ommunist, 2016-11-18
@ommunist

The guy had doors in the theme templates beforehand.

Similar questions
M
MyRandomName2018-04-03 13:31:36
What are social engineering services? 2Reply
P
Pokatum2020-05-30 23:21:17
LitRes is hacked?! I have yes! How are you, those who have an account? 1Reply
G
Goodron2018-05-08 17:51:53
Is it possible to increase the number of threads in Hydra? 1Reply
P
Pan Propan2015-01-03 22:46:08
Is it possible to sparse an encrypted site? 3Reply
D
Denis2013-01-05 14:50:31
How could the site be hacked? 10Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question