In my opinion, one of the most vulnerable software packages out there has to be wordpress. Not a day goes by that I don’t come across a hacked wordpress site. More often then not, the reason the site was hacked is the client did not keep their wordpress updated.

Hacked wordpress sites will not only be a problem for the client who was hacked, but is typically an issue for all clients on the server, as the hacker is usually going to send out spam from the hacked account.

To help combat this, you should scan your server for all accounts using wordpress, as well as the version they are running. Then you can use this information to contact your clients that are using outdated versions, and ask them to upgrade wordpress on their sites.
On a cPanel server, run the following command. Note, it’s all one line, and should be run as a single command:

find /home/*/public_html/ -type f -iwholename "*/wp-includes/version.php" -exec grep -H "\$wp_version =" {} \;

On a Plesk server, run the following command. Again, it’s all one line, one command:

find /var/www/vhosts/*/httpdocs/ -type f -iwholename "*/wp-includes/version.php" -exec grep -H "\$wp_version =" {} \;

The output will look something like this.

/home/username1/public_html/wp-includes/version.php:$wp_version = ‘4.1’;
/home/username2/public_html/wp-includes/version.php:$wp_version = ‘3.2.1’;
/home/username3/public_html/wordpress2/wp-includes/version.php:$wp_version = ‘3.5.1’;

This shows the folder that the wordpress install is in, as well as the version it’s running.
(sưu tầm)