Asgard Security Scanner не удалось установить, по этому поставил Better WP Security и Wordfence. Работая на локале исключаю FTP. Первоначальные проблемы с безопасностью:
- The admin user still exists.
- Your login area is not protected from brute force attacks.
- You are not enforcing strong passwords for any users.
- A user with id 1 still exists.
- Your website is not looking for changed files. Consider turning on file change detections.
- Your WordPress site is not blocking suspicious looking information in the URL. Click here to block users from trying to execute code that they should not be able to execute.
- Your database table prefix should not be wp_.
В плагине CP Multi View Event Calendar выполняется обращение к базе данных с помощью стандартных PHP команд.