WordPress.Login.Brute.Force
Description
This indicates an attempt to exploit a Failed Login Response vulnerability in WordPress and WordPress MU.
The vulnerability allows a remote attacker to determine if a user account is valid from the "failed login" response. A remote attacker can send multiple user enumeration attempts in order to identify valid accounts. Detection is triggered if logins are attempted at a rate of more than about 1000 times in 10 seconds.
Affected Products
WordPress 2.8 and prior.
WordPress MU 2.7.1 and prior.
Impact
The impact of a successful attack could vary, with the worst case being a system compromise.
Recommended Actions
Adjust the threshold to your network.
Monitor the traffic from that network for any suspicious activity.
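To see how the threshold setting behaves on your own traffic, the following added example (not the vendor's signature logic) replays a web access log through a per-source sliding window and reports which clients exceed a given login rate. It assumes combined-format access logs and that a login attempt is a POST to wp-login.php; the function names and the sample log are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Fields needed from a combined-format access log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def is_login_attempt(method, path):
    """A credential submission is a POST to wp-login.php (query string ignored)."""
    return method == "POST" and path.split("?", 1)[0].endswith("/wp-login.php")

def detect_bursts(lines, threshold=1000, window_seconds=10):
    """Map each source IP to the time its attempts in the window first exceeded
    threshold. Defaults mirror the rate stated for the signature."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # ip -> attempt times still inside the window
    alerts = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_login_attempt(m["method"], m["path"]):
            continue
        ts = datetime.strptime(m["ts"], TS_FORMAT)
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] >= window:  # drop attempts that fell out of the window
            q.popleft()
        if len(q) > threshold:
            alerts.setdefault(m["ip"], ts)
    return alerts

def constructed_log():
    """Constructed sample traffic (documentation IP ranges), sorted by time."""
    start = datetime(2023, 8, 1, 12, 0, 0, tzinfo=timezone.utc)
    events = []
    for i in range(30):
        # Burst client: 5 POSTs per second. Slow client: 1 POST per second.
        events.append((start + timedelta(seconds=i // 5), "192.0.2.10", "POST", "/wp-login.php"))
        events.append((start + timedelta(seconds=i), "198.51.100.7", "POST", "/wp-login.php"))
    events.append((start, "203.0.113.5", "GET", "/wp-login.php"))  # page view only
    events.sort(key=lambda e: e[0])
    return ['%s - - [%s] "%s %s HTTP/1.1" 200 512' % (ip, ts.strftime(TS_FORMAT), method, path)
            for ts, ip, method, path in events]

if __name__ == "__main__":
    log = constructed_log()
    print("default 1000/10s:", detect_bursts(log))
    print("tuned 20/10s:", detect_bursts(log, threshold=20))
```

On the constructed log the default rate flags nothing, while a threshold of 20 flags only the burst client; the client sending one attempt per second stays under both.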
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:Wordpress.Login.Brute.Force:WordPress.Login.Brute.Force |