allenbina | 3 years ago

Was it due to the core or a plugin?

waynesonfire|3 years ago

Very vanilla WordPress, it was a basic blog site. I think the only plugins I used were Google Analytics and some basic theme. I would keep it updated whenever I remember but maybe it wasn't often enough. Not exactly sure what the vector was and from whatever quality of analysis I did, the system didn't appear damaged beyond the changes made to the WordPress folder and luckily, the damage didn't seem to escape the www-data user that the HTTP server ran as.

dmje|3 years ago

I'm gunna suggest compromised hosting. The issues I've seen (once plugins / core / PHP is up to date and obvious stuff sorted) have been almost entirely on shared hosts.

dschiffner|3 years ago

his admin creds were probably

admin / abcd123!

waynesonfire|3 years ago

Guessing passwords? You don't even have to try that hard. Have you seen the list of WordPress CVEs?

Here is one just from January of this year,

https://www.debian.org/security/2022/dsa-5039

"Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries, bypass hardening, or perform Cross-Site Scripting (XSS) attacks."