Author Archives: Aizat W

WordPress site hacked, implanted with “Backdoor.PHP.CNShell.a”

By | 1 July, 2021

On 1st of July 2021 we are doing our routine security check on our client website. And as we continue do the full scanning on the site, we found that just like previous post here. We found another php files implanted within a wordpress css core folder at “/wp-admin/css/colors/blue/nys.php”.  According to our experience with wordpress,… Read More »

WordPress site hacked, implanted and injected with backdoor script “Backdoor.PHP.WEBSHELL”

By | 30 June, 2021

On 30th of June 2021 we are doing our routine security check on our client website. And as we continue do the full scanning on the site, we found that almost all .js script in the plugin installed has been injected by unknown malicious code. And through it, we found out that it seems that… Read More »

WordPress site get injected through Elementor Addon plugins xss script vulnerability

By | 2 May, 2021

Today on 2nd of May 2021 we have found out that one of our client websites has been displaying malicious behaviour. The details can be read here. And as we continue do the full scanning on the site, we found out that index.php and .htaccess has been modified by the attackers. For comparison between the… Read More »

WordPress sites hijacked by Plugin Vulnerability at The Plus Addons for Elementor Page Builder 4.1.5

By | 2 May, 2021

On 2nd May 2021 around 7AM we found out that one of client website showing suspicious behaviour such as high number of server resource usage and high number of error log. Upon inspection we found out that the site has been hijacked through plugin vulneribility stated here: https://wpscan.com/vulnerability/c311feef-7041-4c21-9525-132b9bd32f89 Through it we able to confirmed that a… Read More »

Testing and Configuring Cloudflare DNS Firewall

By | 27 February, 2021

Cloudflare offer and interesting products on the free and pro plan that attracted my attention towards it. Which is the WAF features and it also automatically challenge the request from TOR web browser. As my website is legitimate and didnt collect any unnecessary information as it is a company page, i cannot think other possibilities… Read More »

Cannot add new wordpress category.

By | 1 September, 2020

Symptom : WordPress existing categories can be deleted. But new categories cannot be added. Either directly via Posts > Categories or via inside the Post > Post Title > Edit > Side Menu Categories. Source of the problem : The database “Auto Increment” function did not been activated on the related database. Possible Causes :… Read More »