URL injection

A URL (or link) injection is when a cybercriminal creates new pages on a website owned by someone else, that contain spammy words or links. Sometimes, these pages also contain malicious code that redirects your users to other web pages or makes the website’s web server contribute to a DDoS attack. URL injection usually happens because of vulnerabilities in server directories or software used to operate the website, such as outdated WordPress or plugins.