ColourOfSpring - 10:18 am on Apr 15, 2013 (gmt 0)
WordPress installations are constantly being hacked - path of least resistance for hackers. Can you believe that the "vanilla" WordPress allows for unlimited password guesses in its admin control panel - ripe for dictionary hacks.
"Oh but there's a WP plugin for that".
Yes....yes, there's a plugin and patch for every WP vulnerability. But that fact is utterly irrelevant when you figure that the majority of installations out there never get updated.
What we have to realise is that there's a large section of the web that hackers have complete control over - literally millions of hacked sites. And they're getting better at hiding the fact that a site has been hacked. A hacked site can still be daily administered by the site owner, who is completely unaware that their site isn't only being "administered" by them....