One of the issues exploited in the attacks is a zero-day vulnerability that affects several plugins and that could allow hackers to create admin accounts and take over the sites.
Researchers at NinTechNet reported an ongoing campaign, observed in the past hours, that is actively exploiting a zero-day flaw in the WordPress Flexible Checkout Fields for WooCommerce plugin.
The plugin has over 20,000 active installations, and its developers have already fixed the unauthenticated stored XSS bug that affects version 2.3.1 and below.
“The vulnerability has been actively exploited
Unfortunately, other zero-day vulnerabilities were targeted by hackers in the past hours.
Experts at WordPress security firm Defiant reported three zero-day vulnerabilities in WordPress plugin under active exploitation.
The zero-day flaws are:
“Early yesterday, the Flexible Checkout Fields for WooCommerce plugin received a critical update to patch a zero-day vulnerability which allowed attackers to modify the plugin’s settings.” reads the advisory published by WordFence. “As our Threat Intelligence team researched the scope of this attack campaign, we discovered three additional zero-day vulnerabilities in popular WordPress plugins that are being exploited as a part of this campaign. The
Recently the issues with other WordPress plugins made the headlines:
I believe it is very important to protect WordPress install with dedicated solutions, I’m currently using WordFence solution, the company provided with a license to evaluate the premium features.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.