1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: WordPress Backdoor Activity

System Infected: WordPress Backdoor Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects compromised WordPress backdoor activity on the affected machine.

Additional Information

Outdated or misconfigured WordPress servers are vulnerable to many vulnerability attacks.

Attackers can manipulate compromised servers using WordPress backdoor to forward sensitive data to C2 server or redirecting website users to malicious sites.


  • Various WordPress Servers.


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube