Large-scale attack tries to steal configuration files from WordPress sites


Image: ZDNet, WordPress

Hackers have launched a massive campaign against WordPress websites over the past weekend, attacking old vulnerabilities in unpatched plugins to download configuration files from WordPress sites.

The goal of the attack was to use old exploits to download or export wp-config.php files from unpatched websites, extract database credentials, and then use the…


More Info

About mblog.my

Check Also

Goodbye, ManageWP.org; Hello, WP Content – WordPress Tavern

Yesterday, Iain Poulson and Ashley Rich launched community-curated, news-sharing site WP Content. The launch comes …