The number of attacks against WordPress sites increases day by day. Looking at last month's attacks on WordPress sites, most of them targeted recently patched plugin bugs, and vulnerabilities in several other plugins were also exploited by hackers. Here is the list of the plugins identified as being part of this recent string of attacks.
Duplicator
Duplicator, one of the most popular plugins on the WordPress portal, enables site owners to export the content of their sites. WordPress released a patch, version 1.3.28, after hackers had been exploiting a bug in Duplicator since around mid-February. More than one million sites that had installed Duplicator were affected at the time the attacks began.
ThemeREX Addons
A zero-day exploit against ThemeREX Addons, in use since February 18, allowed attackers to create rogue admin accounts. Updating the plugin was not possible because no security patch existed for this vulnerability, so removing the plugin from their sites was the only way for owners to protect them from these ongoing attacks.
Profile Builder Plugin
A major bug was discovered in the free and pro versions of the Profile Builder plugin that allows attackers to register unauthorized admin accounts on WordPress sites. The bug was fixed on February 10. More than 50,000 users of the free version and 15,000 users of the commercial version were affected by the vulnerability.
Flexible Checkout Fields
The Flexible Checkout Fields for WooCommerce plugin was also targeted by attackers; it is installed on more than 20,000 WordPress-based e-commerce sites. Since February 26, attackers have used a zero-day exploit in this plugin to inject XSS payloads that create rogue admin accounts. A security patch has been issued to fix the bug.
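Three of the bugs above (ThemeREX Addons, Profile Builder and Flexible Checkout Fields) were used to create rogue administrator accounts, so the first thing a site owner should check after patching is whether any unexpected administrators exist. The script below is an added example, not code from the original article or from any of the plugin vendors. It assumes the owner exports the administrator list with WP-CLI (`wp user list --role=administrator --fields=ID,user_login,user_email,user_registered --format=csv`) and keeps a short list of approved admin logins; the CSV rows embedded here are constructed for illustration, and the year of the attack window is assumed because the article gives only month and day.

```python
"""Audit WordPress administrator accounts for unexpected additions."""
import csv
import io
from datetime import datetime

# Constructed sample in the shape WP-CLI prints with --format=csv (not real accounts).
SAMPLE_EXPORT = """ID,user_login,user_email,user_registered
1,owner,owner@example.com,2017-05-02 09:14:33
4,editor_admin,editor@example.com,2019-11-20 14:02:10
57,wpupdate,wp-update@example.invalid,2020-02-19 03:41:57
58,support1,support1@example.invalid,2020-02-27 22:05:12
"""

# Assumption: the site owner maintains this list of approved administrator logins.
APPROVED_ADMINS = {"owner", "editor_admin"}

# Earliest date in the article's attack windows (Profile Builder fix on February 10,
# ThemeREX Addons from February 18, Flexible Checkout Fields from February 26).
# The article gives no year; 2020 is assumed here.
ATTACK_WINDOW_START = datetime(2020, 2, 10)


def parse_user_export(text):
    """Parse WP-CLI CSV output into a list of row dicts with a parsed datetime."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        row["registered_at"] = datetime.strptime(
            row["user_registered"], "%Y-%m-%d %H:%M:%S"
        )
        rows.append(row)
    return rows


def find_suspicious_admins(rows, approved=APPROVED_ADMINS, since=ATTACK_WINDOW_START):
    """Return administrators that are not approved or were registered in the attack window.

    Each finding records every reason that applied, so an approved account created
    recently is still surfaced for review rather than silently accepted.
    """
    findings = []
    for row in rows:
        reasons = []
        if row["user_login"] not in approved:
            reasons.append("not in approved admin list")
        if row["registered_at"] >= since:
            reasons.append("registered during/after the reported attack window")
        if reasons:
            findings.append(
                {"id": int(row["ID"]), "login": row["user_login"], "reasons": reasons}
            )
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_admins(parse_user_export(SAMPLE_EXPORT)):
        print(f"user {finding['id']} ({finding['login']}): " + "; ".join(finding["reasons"]))
```

Run it against a real export by replacing `SAMPLE_EXPORT` with the WP-CLI output; any flagged account should be verified with the person who supposedly created it before it is removed, and the registration timestamp compared against the plugin's own update history.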
Async Javascript, 10web Map Builder, Modern Events Calendar Lite
The Async JavaScript, 10Web Map Builder for Google Maps and Modern Events Calendar Lite plugins were affected by three similar zero-day exploits. Patches for these three vulnerabilities were released after the attacks began.
Stay tuned for up-to-date WordPress News