Skip to main content
WP HealthKit

Clickjacking

Tricking users into clicking hidden elements by overlaying a transparent iframe on a legitimate page.

How it works

Tricking users into clicking hidden elements by overlaying a transparent iframe on a legitimate page.

In WordPress

Prevented by X-Frame-Options: DENY header. WordPress admin should never be embeddable in iframes.

Related terms

CSRF

WP HealthKit checks for Clickjacking-related vulnerabilities automatically

Run a Free Audit
All terms
What Is Clickjacking? — WordPress Security Glossary | WP HealthKit