Multiple WordPress Plugin Vulnerabilities Actively Being Attacked – Experts Analysis

Cybercriminals are taking advantage of security flaws recently reported in popular WordPress plugins and are targeting websites that still run vulnerable versions. At least two threat actors are actively attacking unpatched versions of the ThemeGrill Demo Importer, Profile Builder, and Duplicator plugins, which are installed on.

What the three WordPress components have in common are recent reports of a critical severity bug that could be exploited to compromise the website they run on, BleepingComputer reported.

Expert Comments

February 27, 2020
Marco Essomba
Founder
iCyber-Security
WordPress is one of the most popular content management systems for websites. If successfully exploited, this vulnerability will allow an attacker to take control of the website, and cause serious damage including uploading malicious content to the site. This can be devastating because an attacker can completely erase the website content, leaving the site completely unavailable. Administrators should check if the vulnerable plugins are activated within their WordPress admin portal. Where the plugins are activated they must be updated to the latest version and the corresponding patch installed to mitigate against this threat. As an extra security measure, I strongly recommend that access to the admin section of WordPress should always be restricted and not left wide open on the Internet. Moreover, an extra layer of web security can be added to ensure that all requests to the website are scanned to ensure that these types of flaws cannot be exploited.
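As an added example of the inventory check described above (not code from the article or from any of the commenters), this script reads the JSON that WP-CLI's `wp plugin list --format=json` prints and reports whether each of the three plugins named in the article is present, whether it is active, and whether its version is below a minimum fixed version. The plugin slugs and the WP-CLI field names are assumptions, and the MIN_SAFE thresholds are placeholders because the article does not state the fixed versions.

```python
import json

# Plugin slugs named in the article (assumed; wp-cli's "name" field holds the slug).
WATCHED = {
    "themegrill-demo-importer": "ThemeGrill Demo Importer",
    "profile-builder": "Profile Builder",
    "duplicator": "Duplicator",
}

# Lowest version carrying the vendor fix. PLACEHOLDER values: the article does not
# give them, so take the real numbers from each plugin's changelog or advisory.
MIN_SAFE = {
    "themegrill-demo-importer": "1.0.0",
    "profile-builder": "1.0.0",
    "duplicator": "1.0.0",
}


def version_tuple(v):
    """Turn '1.3.28' into (1, 3, 28) so versions compare numerically, not as strings."""
    parts = []
    for p in v.split("."):
        digits = "".join(ch for ch in p if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def audit(plugin_list_json, min_safe=MIN_SAFE):
    """Return (slug, status, version, verdict) for every watched plugin found.

    plugin_list_json is the output of `wp plugin list --format=json`: a list of
    objects with name/status/update/version fields (assumed field names)."""
    findings = []
    for p in json.loads(plugin_list_json):
        slug = p["name"]
        if slug not in WATCHED:
            continue
        active = p["status"] in ("active", "active-network")
        patched = version_tuple(p["version"]) >= version_tuple(min_safe[slug])
        if active and not patched:
            verdict = "VULNERABLE: active and unpatched, update immediately"
        elif not patched:
            # Deactivating does not remove the files; keep them patched or delete them.
            verdict = "WARN: inactive but unpatched files still on disk, update or delete"
        else:
            verdict = "ok: at or above the fixed version"
        findings.append((slug, p["status"], p["version"], verdict))
    return findings


# Constructed sample (not from a real site) of `wp plugin list --format=json` output.
SAMPLE = json.dumps([
    {"name": "themegrill-demo-importer", "status": "active", "update": "available", "version": "0.9.5"},
    {"name": "profile-builder", "status": "inactive", "update": "none", "version": "0.8.0"},
    {"name": "duplicator", "status": "active", "update": "none", "version": "1.0.0"},
    {"name": "akismet", "status": "active", "update": "none", "version": "4.1.3"},
])

if __name__ == "__main__":
    for slug, status, version, verdict in audit(SAMPLE):
        print(f"{WATCHED[slug]:<26} {status:<9} {version:<8} {verdict}")
```

On a real host, pipe `wp plugin list --format=json` into `audit()` instead of SAMPLE.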
February 27, 2020
Yuki Arbel
VP of Product Management
Hysolate
Sophisticated hackers and especially nation-state attackers are always going to exploit newly disclosed vulnerabilities across software, operating systems, networking and other areas of corporate and critical infrastructure. Organisations should be concerned about their website being compromised, but they should also worry about employees accidentally ending up on a page where the malicious JavaScript code has been injected and accidentally letting malware into the company’s environment. To protect critical assets, Microsoft and other security leaders are urging enterprises to separate their critical and most sensitive infrastructure components from their regular day-to-day infrastructure components, which includes both Privileged Access Workstations and Network Segmentation that will ensure that if one part of your infrastructure is compromised, the most critical areas remain intact.
February 27, 2020
Keith Geraghty
Solutions Architect
Edgescan
WordPress vulnerabilities can represent low-hanging fruit for attackers. The overall popularity of WordPress means we will continue to get a steady stream of new vulnerabilities for the foreseeable future. The interesting thing is that the same approach is always applied pre-exploitation, and that is information gathering. The sheer amount of exposed WordPress interfaces and configuration files exposed across the web is simply staggering. Attackers can gather a list of potential targets in a matter of minutes. From there, they can start the process of file enumeration and testing input validation to refine their list further. Clients need to be using WP-scan combined with good vulnerability management on a continuous basis to ensure that various WordPress components are up to date. WP-scan is an open-source program, so there is no excuse for not doing the bare minimum. Files and administration portals should not be exposed and the application should follow best practice frameworks and secure coding guidelines.
