best wordpress security plugin

I used the HTML5 theme in WordPress, unable to display audio, but could not find the appropriate audio playback plug-in (WordPress plugin Center found some of the HTML5 audio playback plugin useless). Several searches found this: http://kolber.github.io/audiojs/but I will not install, do not know whether it will be use

share this relatively simple verification code plug-in, Mini-capatcha. After installation, you can enter the code below the comment box, and there is a time interval before you can comment, this can be to a certain extent to organize clumsy robot comments and user malicious comments, at least need to enter the verification code and a little time to wait. First, download plug-ins and install Mini-capatcha The code is as follows Copy Code

Hana FLV Player is a more widely used player plugin in WordPress,The plug-in is built with 5 media players, and its playback files are mainly FLV files.And the Insert File button integrated into the WordPress background editing interface for user-friendly operation,is really a rare good plug-in. Built in player OS FLV V2.0.5 FlowPlayer V2.2.1 FlowPl

# Exploit Title: Wordpress-Beer Recipes v.1.0 XSS# Google Dork :-# Date: June/25/2011# Author: TheUzuki.# Software Link: http://opensourcebrew.org/beer-recipes-plugin/# Version: v.1.0# Tested on: Windows 7# CVE :-######################################## ############################# SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities# Download: http://opensourcebrew.org/beer-recipes-

Old Chiang often in some blog site to see wordpress sliding unlock function, this function can be a little more effective to prevent the software batch to submit messages, because the message submitted before the need to manually slide unlock before you can. Here can be implemented with Myqaptcha Plug-ins, this plug-in is developed by the people, from experience than Mini-capatcha plug-ins better, at least looking at the more handsome. In t

In the previous article WordPress plugin developed (a) Hello world, demonstrating the simplest implementation of Hello World, just adding the Hello World character after each post, and the characters are also written dead.What if the user needs to enter some text and then display it at the back of each article?First of all, there is a menu in the background, click on the menu to display a page, in the page

Dx-seo is a powerful multi-functional wordpress SEO plugin , the main features and how to use the followingGlobal switch settingsAfter you launch the plugin, you can turn on or off all of the features in the "Dx-seo" section.Automatic anchor text functionThis function can retrieve the content of the article, match to the preset keyword automatically converted int

Release date:Updated on: Affected Systems:WordPress Easy WebinarDescription:--------------------------------------------------------------------------------Bugtraq id: 56305 Easy Webinar is Wordpress's Automatic Network conferencing software. The Easy Webinar plugin has the SQL injection vulnerability. Attackers can exploit this vulnerability to control applications, access or modify data, and exploit other vulnerabilities in lower-level databases.

# Title: WordPress formcraft Plugin SQL Injection # Author: Ashiyane Digital Security Team # software download: www.wordpress.org # test environment: Windows, Linux # vulnerability: SQL Injection # Location1: [Target]/wp-content/plugins/formcraft/form. php? Id = [SQL] #### Exploit-DB Note: # A PoC: form. php? Id = 1% 20and % 20 1 = 1 Milad HackingWe Love MAID: ht

Consider all aspects of the situation, I did not use some other WordPress related log (relatedposts) Plug-ins, but the full application of simple tags plug-ins Powerful related logs, related tag functions, combined with Inove theme, the use of simple tags to achieve the output related log function, it feels good. Although simple tags can be in the background to set the relevant log, but the added related log list can not control the location of its oc

Cos_cache_ob_callback ($buffer) {//Here is the output buffer from WP to get content ready to write to the static fileThe following a bunch of regular expressions, not for the average person, I am the average person, so do not readBut apparently in the process of commenting on the relevant information$buffer = Preg_replace ('/( $buffer = Preg_replace ('/( $buffer = Preg_replace ('/( $buffer = Preg_replace ('/( $buffer = Preg_replace ('/( $buffer = Preg_replace ('/(Not the average person to see t

I. Preface II. Environment III. Basic Configuration 1. Build a LAMP Environment 2. install WordPress 3. Install phpMyAdmin Iv. Security Configuration 1. Authentication 2. Source Control 3. encrypted access (https) V. Test ------------------------------------------- I. Preface LAMP is Linux + Apache + Mysql + PHP. A group of open-source software commonly used to build dynamic websites or servers are indepen

# Title: Wordpress Lazy SEO plugin Shell Upload Vulnerability # Author: Ashiyane Digital Security Team # developer: http://wordpress.org/plugins/lazy-seo.pdf software: Release: 1.1.9 # Test System: windows ################ design page: Site/wp-content/plugins/lazy-seo/lazyseo. php ############### 1.Go to address: Site/wp-content/plugins/lazy-seo/lazyseo. php #2.

renamed to advanced-cache.php same to wp-content directory ⑥ The last step in the W P-content directory to build a cache folder, and then create a new Supercache folder under the Cache folder ⑦ view the source code at the bottom of the site, if there is a text similar to the following indicates that no success, continue to modify: ⑧ View the source code at the bottom of the site, there is a text similar to the following to open the success: Note: After changing the website file to go to "te

Hello, thats a 0day on the must downloaded WordPress plugin. # Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection # Google Dork: intext: "Powered by Wordpress + WPtouch" (with iphone/android User-Agent) # Author: MaKyOtOx (special Pwet to ansx Zizoun

-atom.php documents, if not recently modified, can skip; 3, ditto, testing functions.php documents; 4, note that the feed is cached, after the modification is completed, send an article, so that WP program to rebuild the feed, so as to see the effect; 5, if still wrong, you can try to temporarily shut down all plug-ins, replacement theme, such as one by one exclude. All the above documents have been modified, there is no clue. So I installed a plugin