Monday, August 29, 2016

Wordpress Login Wall attack example

Wordpress Login Wall was supposed to be for your protection against brute force and other login attacks. Instead per this older blog post if you use this plugin you may put yourself at risk to attacks that allow for raw eval's of php code that you pass into the login parameter. Ouch.

GET/wp-content/plugins/login-wall-etgfb/login_wall.php?login=cmd

More about neonprimetime


Top Blogs of all-time
  1. pagerank botnet sql injection walk-thru
  2. DOM XSS 101 Walk-Through
  3. An Invoice email and a Hot mess of Java


Top Github Contributions
  1. Qualys Scantronitor 2.0


Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.
Posted by at
Labels: , ,

1 comment:

  1. WelderReview.comJuly 22, 2019 at 3:09 AM


    Hello,

    we provide affordable and result-oriented SEO services, please give a chance to serve you.


    Thanks
    Admin: E07.net

    ReplyDelete

Subscribe to: Post Comments (Atom)