Monday, August 29, 2016

Wordpress Login Wall attack example

Wordpress Login Wall was supposed to be for your protection against brute force and other login attacks. Instead per this older blog post if you use this plugin you may put yourself at risk to attacks that allow for raw eval's of php code that you pass into the login parameter. Ouch.


More about neonprimetime

Top Blogs of all-time
  1. pagerank botnet sql injection walk-thru
  2. DOM XSS 101 Walk-Through
  3. An Invoice email and a Hot mess of Java

Top Github Contributions
  1. Qualys Scantronitor 2.0

Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.

No comments:

Post a Comment