One of the issues exploited in the attacks is a zero-day vulnerability that affects several plugins and that could allow hackers to create admin accounts and take over the sites.
Researchers at NinTechNet reported an ongoing campaign, observed in the past hours, that is actively exploiting a zero-day flaw in the WordPress Flexible Checkout Fields for WooCommerce plugin.
The plugin has over 20,000 active installations, and its developers have already fixed the unauthenticated stored XSS bug that affects version 2.3.1 and below.
“The vulnerability has been actively exploited
Unfortunately, other zero-day vulnerabilities were targeted by hackers in the past hours.
Experts at WordPress security firm Defiant reported three zero-day vulnerabilities in WordPress plugin under active exploitation.
The zero-day flaws are:
“Early yesterday, the Flexible Checkout Fields for WooCommerce plugin received a critical update to patch a zero-day vulnerability which allowed attackers to modify the plugin’s settings.” reads the advisory published by WordFence. “As our Threat Intelligence team researched the scope of this attack campaign, we discovered three additional zero-day vulnerabilities in popular WordPress plugins that are being exploited as a part of this campaign. The
Recently the issues with other WordPress plugins made the headlines:
I believe it is very important to protect WordPress install with dedicated solutions, I’m currently using WordFence solution, the company provided with a license to evaluate the premium features.