Blog

Notes from the cleanup floor

Field notes, incident retrospectives, and short reads on WordPress malware and site recovery.

Site owner mai 15, 2026 2 min read

Burst Statistics auth bypass (CVE-2026-8181): exploited in the wild

A 9.8 CVSS authentication bypass in the Burst Statistics plugin is being exploited. 200K+ sites affected. Here's a quick triage.

Read article →

Site owner Mai 15, 2026 2 min

Someone bought 30 WordPress plugins and backdoored all of them

Plugin acquisition as an attack vector. If a plugin you trust changes hands and ships a 'security update' you didn't ask for, that's the playbook.
Site owner Mai 15, 2026 2 min

One million WordPress sites: arbitrary file read and SQL injection

A vulnerability chain affecting more than a million WordPress installs was disclosed by Wordfence. Here's what it means if you run one of those sites — and how…
Developer / sysadmin Mai 15, 2026 2 min

WordPress 5.7 XXE: how it works and why you patch it

Sonar's writeup of the WordPress 5.7 XML External Entity bug — what it leaks, where to find it, what fixed it.
Developer / sysadmin Mai 15, 2026 2 min

WordPress: how a 'delete a file' bug became remote code execution

Sonar's writeup of a chained vulnerability where the ability to delete an arbitrary file in WordPress was escalated to code execution. A classic, and a useful …

Démarrer une mission

Site compromis ? Démarrer une mission.

Envoyez ce que vous savez. Nous renvoyons un triage et un devis fixe.

Ouvrir le formulaire →