Today news broke of a particularly nasty zero day vulnerability in the Wordpress REST API. The vulnerability in this case would allow for content injection as well as privilege escalation. This vulnerability would an unauthenticated interloper to modified basically any content that they would see fit. Posts, pages, all fair game.
This is anything but a small issue and from what I’ve read thus far, trivial to exploit by an attacker. The issue in this case was discovered by a security researcher at Sucuri. For the uninitiated, Wordpress is an open source CMS platform that was first introduced to the world in May 2003.Read more
Automattic, the company that supervises WordPress and WooCommerce development, has patched a persistent XSS vulnerability in the WooCommerce e-commerce plugin for WordPress.
This bugfix is crucial because it has the potential to affect over one million WordPress-powered stores, according to the most recent statistics from the WP Plugin Directory. Security researcher has discovered the vulnerability as part of the Summer of Pwnage event. It is a unique event that gathers security researchers from around the globe, and this year, they have set their sights on discovering and reporting security bugs in the WordPress platform.Read more
Italian security researchers from VoidSec have come across a botnet structure that was using vulnerable Aethra Internet routers and modems to launch brute-force attacks on WordPress websites.
This particular incident was uncovered after one of the VoidSec researchers was sifting through his WordPress log file and found a brute-force attack coming from the same IP range. After further investigation, all the IPs came from six Internet Service Providers: Fastweb, Albacom, Clouditalia, Qcom, WIND, and BSI Assurance UK, four of which are from Italy. What all these networks had in common were Aethra routers.Read more
A Large number of WordPress websites were compromised in last two weeks with a new malware campaign spotted in the wild. WordPress has been once again targeted by hackers at large scale.
Researchers have detected a “Malware Campaign” with an aim of getting access to as many devices they can by making innumerable WordPress websites as its prey. The Security researchers call this malware attack as “VisitorTracker”. This new campaign seems to be utilizing the Nuclear Exploit Kit and uses a combination of hacked WordPress sites, hidden iframes and number of known and unknown Browser exploits.Read more
The US FBI just released a public service announcement to the public about a large number of websites being exploited and compromised through WordPress plugin vulnerabilities.
The defacements have affected Web site operations and the communication platforms and a variety of other domestic and international Web sites. Although the defacements demonstrate low-level hacking sophistication, they are disruptive and often costly in terms of lost business revenue and expenditures on technical services to repair infected computer systems. The FBI explained what happens when a site gets compromised.Read more
The popular Mailpoet WordPress plugin had a serious file upload vulnerability a few months back, allowing an attacker to upload files to the vulnerable site. This issue was disclosed months ago, the MailPoet team patched it promptly. It seems though that many are still not getting the word, or blatantly not updating, because we are seeing another string of mass exploitation attempts against WordPress websites.
Those that are not or have not updated are getting infected repeatedly via this vector, the issue is further compounded because the attackers are using it as a spring board into the reset of their account further compromising their entire account. Please, we cannot stress the importance of updating, not just your active website, but any other websites you have in your stack, under the same account.Read more