The Wordfence-WPScan whitepaper is out, shedding light on the state of WordPress security. But these threats aren’t just limited to WordPress; virtually any website that uses a database, accepts user input (e.g. forms), or has a login page (for users or site administrators) is a legitimate target.
