| 2022-04-04 | Johannes Ullrich | Emptying the Phishtank: Are WordPress sites the Mosquitoes of the Internet? |
| 2022-02-02 | Johannes Ullrich | Finding elFinder: Who is looking for your files? |
| 2021-11-30 | Johannes Ullrich | Hunting for PHPUnit Installed via Composer |
| 2019-07-18 | Xavier Mertens | Malicious PHP Script Back on Stage? |
| 2018-06-13 | Xavier Mertens | A Bunch of Compromized Wordpress Sites |
| 2018-01-09 | Jim Clausing | Are you watching for brute force attacks on IPv6? |
| 2017-05-05 | Xavier Mertens | HTTP Headers... the Achilles' heel of many applications |
| 2017-02-04 | Xavier Mertens | Detecting Undisclosed Vulnerabilities with Security Tools & Features |
| 2015-03-13 | Guy Bruneau | Blind SQL Injection against WordPress SEO by Yoast |
| 2014-11-20 | Johannes Ullrich | Critical WordPress XSS Update |
| 2014-07-22 | Daniel Wesemann | WordPress brute force attack via wp.getUsersBlogs |
| 2014-06-19 | Tony Carothers | WordPress and Security |
| 2014-03-12 | Johannes Ullrich | Wordpress "Pingback" DDoS Attacks |
| 2012-05-22 | Johannes Ullrich | nmap 6 released |
| 2012-04-21 | Guy Bruneau | WordPress Release Security Update |
| 2012-01-05 | Russ McRee | WordPress 3.3.1 fixes 15 issues with WordPress 3.3 including XSS. Download 3.3.1 or visit Dashboard --> Updates in your site admin panel. |
| 2011-06-30 | Guy Bruneau | WordPress 3.1.4 Security Update - http://wordpress.org/news/2011/06/wordpress-3-1-4/ |
| 2011-06-22 | Guy Bruneau | WordPress Forces Password Reset |
| 2011-04-18 | John Bambenek | Wordpress.com Security Breach |
| 2011-02-08 | Mark Hofman | WordPress 3.0.5 (and 3.1 RC4) are out |
| 2010-12-30 | Johannes Ullrich | Critcal Wordpress Security Update http://wordpress.org/news/2010/12/3-0-4-update/ |
| 2010-12-02 | Kevin Johnson | SQL Injection: Wordpress 3.0.2 released |
| 2010-05-19 | Kyle Haugsness | Wordpress blog attacks... again |
| 2010-05-10 | Toby Kohlenberg | Another round of WordPress Attacks |
| 2010-02-05 | Jim Clausing | WordPress iframe injection? |
| 2009-11-30 | Bojan Zdrnja | Distributed Wordpress admin account cracking |
| 2009-10-21 | Pedro Bueno | WordPress Hardening |
| 2009-08-11 | Swa Frantzen | Wordpress unauthenticated administrator password reset |
| 2008-09-09 | Swa Frantzen | wordpress upgrade |
| 2008-04-23 | Mari Nichols | What's New, Old and Morphing? |
https://www.sans.edu
