Tuesday, June 30, 2020

WordPress Vulnerability | credentails News May 2020

According to the report of team Wordfence 


At the end of the may wordfence has detected over 130 million attacks caught and blocked 

 

attackers are are targeting at older vulnerabilities in outdated plugins or themes that allows to download the file  wp-config.php

these file contains database, databases credentials, and connection information, plus authentication

 An attacker with access to this file could gain access to the site’s database, where site content and users are stored cookies using xss bug

below some of attacking IP addresses in this campaign are listed 

200.25.60.53

194.60.254.42

31.131.251.113

107.170.19.251

188.165.195.184

192.254.68.134

93.190.140.8

you should chance your database password and authentication unique keys and salts immediately.

 If your server is configured to allow remote database access

  • An attacker with your database credentials could
  • Add an administrative user,
  • Stealing sensitive data
  •  delete your site altogether. 
Even if your site does not allow remote database access, an attacker who can bypass other security mechanisms 

using your security authentication keys and passwords 

how to know your website was attacked or not

in your server logs. Look for any log entries containing wp-config.php 
in the query string that returned a 200 response code.
JAI HIND 
let me know your thoughts Email

2 comments:

Vulnerabilities of the Past Are the Vulnerabilities of the Future

  May had the fewest vulnerabilities, with a total of 55 and only four considered critical. The problem is that the critical vulnerabilities...