A new kind of attack targets fresh WordPress installations. Attack starts with a scan after the “/wp-admin/setup-config.php” URL. This is the setup URL for any freshly installed WordPress. If the attackers find that URL and it contains a setup page, it indicates that someone has recently installed WordPress on the…
WordPress protection
For your WordPress protection, be informed about the latest vulnerabilities in WP plugins: All-in-One WP Migration Cross-Site Scripting (XSS) reported by Twitter user @0w4ys. Immediately update to version 6.46 to fix the vulnerability. Ultimate Product Catalogue Authenticated SQL Injection reported by Twitter user @log_oscon. Immediately update to version 4.2.3 to…