New WordPress Vulnerability Feb. 2017
A new WordPress vulnerability was found in the past weeks that has caused tens of thousands of websites to get hacked.
If you are running WordPress version 4.7.0 or 4.7.1., upgrade to 4.7.2, upgrade your WordPress code NOW.
WordPress 4.4 introduced the JSON REST API. For WordPress developers, this is a useful feature. Most WordPress websites do not need this functionality enabled though. You can turn this off by installing the Disable REST API plugin.
If your WordPress installation has not been fully secured when it was installed, you should seriously consider doing this WordPress maintenance. Sooner or later your website will get hacked if you do not take proactive steps to secure it. If your not sure if it has been, consider these issues. If you answer yes to any, then your site has not been properly secured.
- Is your admin username “admin”?
- Is your admin url “wp-admin” https://www.yourdomian.com/wp-admin/
- When you log into WordPress admin, do you see warning messages of outdated plugins and core code?
Contact me if you need help securing your WordPress website.
Read the full article on Bleeping Computer