Attacks on WordPress sites are increasing with each passing day. Looking at the previous month's attacks on WordPress sites, most of them targeted newly patched bugs. Besides this, hackers took advantage of bugs found in various plugins. Below is a record of the plugins that were affected or exploited in the recent attacks. Recently WordPress announced that the second release candidate of WordPress 5.4 is available.
The Duplicator plugin is first in the list of plugins being attacked by hackers. This plugin is one of the most famous plugins in WordPress, and it allows site owners to export their site content. Hackers have exploited the bug in Duplicator since mid-February.
In response, WordPress soon released a patch for version 1.3.28. The CMS service provider company Automattic estimated that over a million people who installed Duplicator were affected during the attack.
On February 18, zero-day exploitation began in ThemeREX Addons, which allowed attackers to create rogue admin accounts. A zero-day exploit is an attack carried out on the same day a bug is found, before it is patched. As a security patch for the vulnerability was not available, updating the plugin was not possible. The only option to guard a site against this attack is to remove the plugin from the site.
Profile Builder Plugin
A major bug that enables attackers to register unauthorized admin accounts was found in the free and pro versions of the Profile Builder plugin. Over 50,000 free version users and 15,000 commercial version users were affected by this bug, which was later fixed on February 10.
Flexible Checkout Fields
Attackers targeted the Flexible Checkout Fields for WooCommerce plugin. Over 20,000 WordPress-based e-commerce sites have this plugin installed. Since 26 February, when zero-day exploitation of this plugin began, attackers have injected XSS payloads to create rogue admin accounts. A security patch has been issued to fix this bug.