WordPress builds the pages viewed by your blog’s visitors with data retrieved from the database. This includes blog posts, comments, and information about the users who left comments on your blog. Hackers are more and more successful at putting spam and malware into the database behind your blog. Once they succeed in persisting unwanted content to the database layer, WordPress delivers it to the end browser – your customer, or blog reader.
This presentation addresses the following questions:
What are the common categories of undesirable persisted content?
Where in the database are these persisted?
How can you find these? Some successful strategies in detecting these.
What you can do about undesirable database content when you find it.