Another WordPress Site Blunder: Vulnerabilities are likely to target 900,000 sites per week

May 13, 2020
wordpress code injection vulnerabilities software vulnerability

Are you setting up a WordPress site for business?

If you have a WordPress site setup for your promotion or worse eCommerce site, then you are in for a significant risk. Vulnerabilities are surrounding the said platform; these vulnerabilities are pretty much the new normal since the launch of WordPress

If you want to boost your business, posting it on the internet is the best action that you can do. With your artistic mind and a few clicks, you can create your website using WordPress. Either for business or other purposes, this subscription will be your key to let the world know about you or your business.

However, a recent report of renowned experts confirmed that almost a million of their websites are possibly compromised. The attack came from a single hacker; the experts were able to gauge that the impact range of the infection is vast. The activity was said to be running for a few months now. However, still, the fraud detection team was unable to halt its operation altogether. Core analysis confirms that the attacker was able to use untraceable IP addresses for a total of 24,000. These addresses were used to stealthily do requests or access to almost a million websites that WordPress is servicing.

Further on, the report confirmed that the attacker could redirect visitors to a compromised website that they fully control with ease of malvertising. If any visitors click on the embedded advertisement on the page, they will be routed to an almost legitimate look website. At the same time, on the back end, their system is being infected with malware unknowingly. Whereas, if the owner or an administrator login to their website, the hacker can use brute force to infiltrate it. Once accessed is gained, the attacker will have the opportunity to do anything on the website, such as changing or deleting its entire content. Though, this act will be a signal to the host that the site has been breached.

 

The payload and the vulnerability

The infection or the gateway that the attacker used to reach its goal was the loophole within the cross-site scripting (XSS) vulnerability of the WordPress system. With its imposed low level of security, infiltration is possible by injecting malicious codes and javascript for the hacker’s advantage. Thus, the assault has been a success.

WordPress, on the other hand, confirmed that they are well aware of the situation. As part of their Website, Scanning maintenance concludes that the target was the old XSS code of their system. Moreover, they were able to immediately release updates as part of their mitigation strategies once they confirmed such behavior of the attacker concerning the version of the platform its targeting.

In the end, subscribers should always be vigilant and ensure that the latest update from WordPress is being installed and used on the website. They should also invest or get malware protection to secure their business and reputation. For WordPress, the users and developers should immediately disconnect and remove any old repository that is no longer in use on their system as these give fraud actors free access to vast sensitive data.

About the author

Leave a Reply