Hackers attack a popular WordPress plugin

By: Nastya Bobkova | 28.04.2024, 07:12

Researchers from the WordPress security firm Patchstack have discovered a critical vulnerability in a popular WordPress plugin that could lead to a website hijack.

Here's What We Know

The vulnerability, discovered in the WP-Automatic plugin, allows SQL injection, through which attackers can gain unauthorised access to and full control over websites.

WP-Automatic is designed to automate the import and publishing of content from various sources, such as RSS feeds, websites, and YouTube channels. It is popular among WordPress users, but versions of the plugin prior to 3.9.2.0 are vulnerable and exposed to attacks.

According to WPScan, there have been more than five million attempts to exploit this vulnerability. Hackers are already exploiting this flaw to create new administrator accounts on websites to carry out further attacks, such as installing malicious applications and obtaining sensitive information.

There is now a risk that attackers retain long-term access to websites, which can lead to backdoors and code obfuscation that make the problem difficult for website owners or security tools to detect.

The researchers also note that hackers can rename vulnerable plugin files, both to make the problem harder to detect and to prevent other attackers from taking over.

Users are advised to install only the themes and plugins they plan to use and keep them up to date to protect their websites from possible attacks.

Source: TechRadar