ExtraHop named a Leader in the 2025 Forrester Wave™: Network Analysis And Visibility Solutions

ExtraHop Logo
Search
Try ExtraHop
Menu iconX icon
  • Platformchevron right
  • Solutionschevron right
  • Modern NDRchevron right
  • Resourceschevron right
  • Companychevron right
User iconSign In
Contact Us

DETECTION OVERVIEW

WordPress Brute Force

Risk Factors

WordPress is a popular website and blog hosting platform. Users authenticate to WordPress through a standard login page. This single point of entry is easily targeted with a simple brute force attack. After gaining unauthorized access, the attacker can take advantage of a Wordpress host with a credible reputation to maliciously send spam or launch other harmful attacks.

The system might change the risk score for this detection.

Kill Chain

Exploitation
Detection diagram
Next in Exploitation: Zerologon Exploit Attempt - CVE-2020-1472

Attack Background

A brute force attack is a method for finding valid credentials by guessing a user password. Working with software and pre-built or custom password lists, an attacker sends several username and password combinations to the WordPress login URI, which is wp-login.php. If an attacker guesses the right password for a given username, they could gain unauthorized access to the Wordpress site through the compromised account.

Mitigation Options

Implement a policy to lockout users after a specific number of failed authentication attempts

Implement two-factor authentication (2FA) on the WordPress host

Enforce a strong password creation policy

MITRE ATT&CK ID

What else can RevealX do for you?

View our Periodic Table of use casesArrow pointing right