Every page, one list.

Site

• Accueil
• Services
• Tarifs
• À propos
• Contact

Cleanups — by symptom

• WordPress hacked
• Japanese SEO spam removal
• Pharma hack removal
• WooCommerce malware removal
• Google 'Deceptive site' warning removal

Cleanups — by incident / CVE

• Really Simple Security · CVE-2024-10924
• Bricks Builder · CVE-2024-25600
• LiteSpeed Cache · CVE-2024-50550 / 44000
• WP Automatic · CVE-2024-27956
• GiveWP · CVE-2024-5932
• Hunk Companion · CVE-2024-9707 / 11972
• WPML · CVE-2024-6386
• LayerSlider · CVE-2024-2879

Audits

• Audits — overview
• Penetration testing
• Security audit
• Plugin / theme audit
• Security checkup
• Pre-launch review

Guides

• How to know your WordPress site is hacked (a triage checklist)
• A WordPress hardening checklist that actually closes doors

Blog

• Burst Statistics auth bypass (CVE-2026-8181): exploited in the wild
• Someone bought 30 WordPress plugins and backdoored all of them
• One million WordPress sites: arbitrary file read and SQL injection
• WordPress 5.7 XXE: how it works and why you patch it
• WordPress: how a 'delete a file' bug became remote code execution

Recherche

• (none yet)

Legal / policy

• Privacy
• Terms
• Impressum
• Responsible disclosure

Feeds

• All posts (Atom)
• Guides feed
• Blog feed
• Research feed
• XML sitemap
• llms.txt