Vulnerability Exposed in WordPress Plugin User Submitted Posts
With over 20,000 active installations, the plugin is used for user-generated content submissions
WordPress is a content management platform whose core, plugins, and themes can contain vulnerabilities that expose websites, accounts, and data.
Search across headline titles and summaries.
Background for this topic.
WordPress is an open-source content management system (CMS) used to publish and manage websites. A site typically combines WordPress core with independently developed plugins and themes, which extend functionality but create a diverse and changing software supply chain. Its security therefore depends not only on the core software, but also on the quality, maintenance, and configuration of those extensions.
Security-relevant issues include exploitable vulnerabilities in core, plugins, or themes; weak or reused administrator credentials; and exposed or poorly configured administrative and API interfaces. Attackers may use these paths to alter content, install malicious code, or access site data. Administrators should track advisories and affected versions, apply updates through a controlled process, remove unsupported extensions, enforce strong authentication and least privilege, and keep protected, tested backups. Monitoring and log review help identify unauthorized changes and support recovery when compromise is suspected.
With over 20,000 active installations, the plugin is used for user-generated content submissions
Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.
Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site
A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site's activity. [...]
More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector, nearly twice the number of detections in August
Multiple Balada Injector campaigns have compromised and infected over 17,000 WordPress sites using known flaws in premium theme plugins. [...]