Wordpress Threats

Experts continue to discover vulnerabilities in WordPress plugins

Tom Grant
Last updated: 10 October
Tom Grant 3 years ago

According to experts, approximately 35% of all sites on the Internet are powered by WordPress CMS. In this light, it is not surprising that attacks on vulnerable WordPress plugins are becoming a real trend among attackers, especially considering that there is no shortage of “leaky” plugins.

While 2019 was a busy year for WordPress site administrators, the start of 2020 was quiet. The reason for this downtime was probably the winter holidays, as hackers sometimes take a break too. However, attacks on WordPress have resumed in recent weeks, and according to experts at Wordfence, WebARX, and NinTechNet, the brief lull appears to be over. As before, the attacks are mainly aimed at exploiting vulnerabilities in various plugins rather than in the CMS itself. The plugins under active attack are listed below.

According to a Wordfence report, since mid-February hackers have been attacking a vulnerability in the Duplicator plugin, which allows site administrators to export the contents of their sites and makes it much easier to “move” from one server to another. The bug, fixed in version 1.3.28, allowed attackers to export a copy of the site, from which they could extract database credentials and then break into MySQL. The problem is aggravated by the fact that at the time the attacks began, the plugin had more than a million installations, and Duplicator Pro, the commercial version of the plugin, was installed a further 170,000 times.

Also according to Wordfence data, at least two hacking groups are exploiting a problem in the free and professional versions of the Profile Builder plugin. The bug allows attackers to create new administrator accounts on vulnerable sites. Although the bug was fixed on February 10, 2020, the attacks began on February 24, the same day a PoC exploit was published online. Currently, about 65,000 sites on which the plugin is installed are vulnerable to attack.

Attacks on vulnerabilities in the ThemeGrill Demo Importer and ThemeREX Addons products also continue. The first plugin is installed on more than 200,000 sites, and its vulnerability allows attackers to wipe other people's sites; in addition, if the database contains a user named admin, the attacker can gain access to this account and all of its rights. A bug in the second plugin likewise allows attackers to create new administrator accounts on vulnerable sites, and despite ongoing attacks there is still no patch for it.

Websites using the Flexible Checkout Fields plugin for WooCommerce, installed on more than 20,000 sites, were also targeted by the attackers. In this case, the hackers exploited an already patched XSS zero-day vulnerability that allowed the creation of administrator accounts on vulnerable sites. Despite the release of the patch, the attacks continued at the end of February (1, 2).

Another active campaign exploits three similar zero-day vulnerabilities found in the Async JavaScript, 10Web Map Builder for Google Maps, and Modern Events Calendar Lite plugins, which are installed on 100,000, 20,000 and 40,000 sites, respectively. All three 0-day bugs were stored XSS, and all three have already received fixes; however, the attacks began even before the patches were released, which means that some sites were most likely compromised.


TAGGED: PoC, Vulnerabilities, WordPress, WordPress plugins
Tom Grant October 10, 2022 September 30, 2020