If you think WordPress is 100% secure and you do not need any extra security, this article is made for you. Our ethical hacker, Rhythm Jain, defines the most common and impactful issues of WordPress websites. Enjoy the read!
The attack is also known as Hit and Trial Attack, as the attacker tries different credentials one by one. This type of attack is often done on the Admin Panel’s login page to log in as the Administrator of the website.
In this attack, a wordlist of the most commonly used usernames and passwords is loaded into a tool, and the tool submits each credential to the login page.
If an attacker is successfully able to log in as an administrator, the authorised admin of the website will not have any access to the admin panel. Hence, the person won’t be the owner of the website anymore.
This vulnerability arises due to the improper security configuration of the server. WordPress sites may have an option, which allows a user to upload a profile photo or upload any other document such as an attachment.
Now, if a user is allowed to upload a profile photo, then the user must only be allowed to upload files with an extension of “.jpg”, “.png”, “.jpeg” or “.gif”. However, if the site accepts any other extension, such as “.php” or “.js”, then these files can get executed on the server side and can be used to hack the server as well as the website.
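The extension rule above can be enforced as an allowlist rather than a list of banned extensions. The following is an added example, not code from WordPress or from the original article; the function name `is_acceptable_profile_photo` and the sample inputs are constructed for illustration.

```php
<?php
// Added example (not WordPress core code): allowlist validation for a profile photo upload.
// is_acceptable_profile_photo() and the sample inputs below are constructed for illustration.

const ALLOWED_IMAGE_TYPES = [
    'jpg'  => IMAGETYPE_JPEG,
    'jpeg' => IMAGETYPE_JPEG,
    'png'  => IMAGETYPE_PNG,
    'gif'  => IMAGETYPE_GIF,
];

function is_acceptable_profile_photo(string $clientName, string $bytes): bool
{
    // Refuse NUL bytes and path separators in the client-supplied file name.
    if (strcspn($clientName, "\0/\\") !== strlen($clientName)) {
        return false;
    }
    // Every dot-separated suffix must be allowlisted (case-insensitive), so
    // "avatar.php.gif" is refused as well as "avatar.php" and "avatar.PHP".
    $suffixes = explode('.', strtolower($clientName));
    array_shift($suffixes); // drop the base name
    if ($suffixes === []) {
        return false; // no extension at all
    }
    foreach ($suffixes as $suffix) {
        if (!array_key_exists($suffix, ALLOWED_IMAGE_TYPES)) {
            return false;
        }
    }
    // The bytes must parse as the image type that the final extension claims.
    $info = @getimagesizefromstring($bytes);
    return $info !== false && $info[2] === ALLOWED_IMAGE_TYPES[end($suffixes)];
}

// Constructed samples: a minimal GIF header and a plain text body.
$gif = "GIF89a\x01\x00\x01\x00\x00\x00\x00";
$txt = "not an image";
$samples = [
    ['avatar.gif', $gif], ['avatar.GIF', $gif], ['avatar.php', $gif],
    ['avatar.php.gif', $gif], ['avatar.png', $gif], ['avatar.jpg', $txt],
];
foreach ($samples as [$name, $bytes]) {
    printf("%-16s %s\n", $name, is_acceptable_profile_photo($name, $bytes) ? 'accept' : 'reject');
}
```

The content check alone is not sufficient, because a file can begin with a valid image header. The extension allowlist, together with a server configured not to execute scripts from the upload directory, is what keeps an uploaded file from running.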
Every website has a database in its backend to manage data such as user credentials or reviews/comments. A hacker can put SQL queries in an input field and retrieve valuable data.
This happens when the developer of the website does not properly sanitize the input field by allowing only the necessary characters and banning all other unnecessary characters.
SQLi is so dangerous that it can even lead to your website being defaced or deleted, if the hacker successfully extracts the administrator’s credentials.
This vulnerability is one of the most expensive vulnerabilities in Bug Bounty hunting as the impact caused by this vulnerability is permanent and highly dangerous.
WordPress uses JavaScript, so an attacker can inject a malicious JavaScript payload into the review section or the comment section of the website, where it gets permanently stored on the server. Whenever a visitor opens the website, the JavaScript payload can get executed and the visitor might get infected.
It can result in URL redirection, forcefully downloading malware, unwanted pop-ups, etc.
When a website is developed, many directories are created. After running a crawler, an attacker can see all the directories present on the website.
The attacker can then try to browse through the directories, and if the directories are not kept hidden or locked, the attacker will be able to see all the data present in them. Some of the important files which can cause potential damage to the website are the wp-config.php file and the xmlrpc.php file.
Misusing these files can lead to a Denial of Service (DoS) attack and defacement of the website.