There was a vulnerability that was found in a WordPress Anti-Malware Security and Brute-Force Firewall plugin for use on WordPress. It defends a website like it's a firewall and it also works as a security scanner to scan for threats. The premium version of this defends against brute force attacks where a hacker uses a bot to guess your password. There are many XSS vulnerabilities but the main types are stored cross-site scripting, blind cross-site scripting, and reflected.

Key Takeaways:

  • The plugin contained the Anti-Malware Security and Brute-Force Firewall which has been used by over 200,000 websites.
  • This plugin defends a website as a firewall and checks for security threats in the form of backdoor hacks.
  • The premium version of this plugin will defend websites against brute force attacks that try to guess passwords and usernames.

“A reflected cross-site scripting vulnerability in this context is one in which a WordPress website does not properly limit what can be input into the site.”

Read more:

Book a Website Discovery Call Today


Website HQ is a boutique agency in Jacksonville, FL, that restores hacked WordPress websites and offers custom WordPress designs for businesses around the globe. 

Contact us for help with your WordPress site. Book a Free Call Today.