The WordPress Firewall plugin notified me of a new attack on my WordPress site today; an attempt to inject a file named “fgiwfi.php” via a “password_forgotten.php” injection. This was quickly followed by another e-mail alerting me to an attack from the same IP using the same forged link on another of my pages, but this …
