edit-icon download-icon

[Vulnerability notice] Installation page vulnerability in WordPress

Last Updated: Nov 27, 2017

Description

WordPress guides the administrator to visit the WordPress installation page at the administrator’s first access. This page allows configuration of databases and other information.

Hackers may visit this page and connect the website to an external database to tamper with the website content and further break into the host.

Fix

Initialize the configuration immediately after you unzip the WordPress installation package. The WordPress installation page becomes invalid after the configuration is complete.

Thank you! We've received your feedback.