
Wordfence’s risk analysis team discovered two separate vulnerabilities in a WordPress plugin that changed the way search pages were displayed.
The plugin is called “WordPress Download Manager” and is installed on over 100,000 sites, according to WordPress.org.
As a result, a low-privileged user (such as an author) could read the contents of a site’s wp-config.php file by creating a new download and performing a directory traversal attack.
The contents of the wp-config.php file would then be reflected in the page template code when the download was previewed. Because the file referenced by file[page_template] is included on the server side, an author-level user could also upload a file with an image extension containing malicious JavaScript and set file[page_template] to the path of the uploaded file. This could lead to persistent (stored) cross-site scripting.
More than 60,000 pages are at risk from this exploit, which targets a bug in WordPress that was disclosed last week.
WordPress 4.7.2
According to Sucuri, tens of thousands of pages were damaged last week because site owners had not installed WordPress 4.7.2. Sucuri reported the bug, which affected the REST API in WordPress 4.7 and 4.7.1, in January; we covered this severe bug at the time.
WordPress’s core developers delayed disclosing the vulnerability, giving site owners time to update before attackers began exploiting it. Perhaps this delay was reasonable: according to Sucuri, exploitation attempts began 48 hours after WordPress quietly released the patch.
However, while the tens of millions of websites that updated a fortnight ago were protected immediately, tens of thousands of unpatched sites remain, and they have fallen victim to attackers scouring the internet for vulnerable sites.
Since WordPress disclosed the vulnerability last week, Sucuri has seen exploitation attempts rise from fewer than 100 per day on February 2 to 3,000 per day on February 6.
Vulnerability’s disclosure
“We noticed that many publicly available exploits were distributed and posted online within 48 hours of the vulnerability’s disclosure. This data led to attempts to probe and exploit the Internet.”
Across the four attacker groups tracked by Sucuri, more than 66,000 web pages have been compromised since the vulnerability was reported. The damage could have been avoided if website owners had heeded the warnings and enabled automatic updates on their sites, or used WordPress’s simple update process.
Auto-update feature by default
WordPress has auto-updates enabled by default, and a site can also be updated manually with a single click. “However, not everyone is aware of the situation, and not everyone can update their site,” says Sid. “That’s why many sites have been damaged or corrupted.”
Last week, however, Sucuri warned that the vulnerability could also lead to remote code execution through certain WordPress plugins. Fortunately, the attacks so far appear to have mostly involved defacing websites.
We expect defacements to decrease in the future as attackers turn to SEO (search engine optimization) spam, which tricks search engines such as Google and Yahoo into ranking sites ahead of others in search results. Sucuri has already seen attempts to add images and spammy content to posts; the attackers are trying to generate revenue.
Double extension attack
Before Wordfence discovered these two vulnerabilities, the team behind WordPress Download Manager had patched a vulnerability that allowed users to upload files with php4 extensions and other potentially executable file types.
While this patch blocked many dangerous extensions, it only checked the final extension of the file, which allowed an attacker to perform a “double extension” attack by uploading a file with multiple extensions (for example, information.php.png).
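The following is an added example, not the plugin’s own patch. It contrasts a check that looks only at the final extension (the pattern the text describes as bypassable with information.php.png) with a stricter policy that examines every extension segment and requires the final one to be on an allow-list. Both extension lists and the function names are assumptions chosen for this illustration.

```php
<?php
declare(strict_types=1);

// Added example, not the plugin's own code. The extension lists below are
// assumptions for illustration, not the plugin's configuration.
const EXECUTABLE_EXTENSIONS = ['php', 'php3', 'php4', 'php5', 'php7', 'phtml', 'phar', 'phps'];
const ALLOWED_EXTENSIONS    = ['png', 'jpg', 'jpeg', 'gif', 'pdf', 'zip'];

// Weak check: pathinfo() returns only the last extension, so everything
// before it is ignored and "information.php.png" is accepted.
function upload_allowed_final_only(string $filename): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, EXECUTABLE_EXTENSIONS, true);
}

// Strict check: every dot-separated segment after the first counts as an
// extension. Servers with an Apache AddHandler or permissive mod_mime setup
// can hand "x.php.png" to the PHP interpreter, which is why intermediate
// segments matter, not just the last one.
function upload_allowed_strict(string $filename): bool
{
    if (strpos($filename, "\0") !== false) {
        return false; // null bytes are never part of a legitimate name
    }
    $name = basename($filename);
    if ($name === '' || $name[0] === '.') {
        return false; // empty names and dotfiles such as .htaccess
    }
    $parts = explode('.', strtolower($name));
    if (count($parts) < 2) {
        return false; // no extension at all: nothing to allow-list
    }
    $extensions = array_slice($parts, 1);
    foreach ($extensions as $ext) {
        if (in_array($ext, EXECUTABLE_EXTENSIONS, true)) {
            return false;
        }
    }
    // Only a known-good final extension is accepted; unknown types are denied
    // rather than relying on a deny-list staying complete.
    return in_array(end($extensions), ALLOWED_EXTENSIONS, true);
}

// Constructed sample names covering the cases discussed in the text.
$samples = [
    'report.pdf', 'photo.PNG', 'shell.php', 'shell.php4',
    'information.php.png', 'archive.phtml.zip', 'notes.txt', 'README',
];
printf("%-22s %-12s %s\n", 'filename', 'final-only', 'strict');
foreach ($samples as $name) {
    printf("%-22s %-12s %s\n", $name,
        upload_allowed_final_only($name) ? 'allow' : 'reject',
        upload_allowed_strict($name) ? 'allow' : 'reject');
}
```

Extension checks alone are still a weak signal; in a real WordPress plugin the upload should also go through core’s wp_check_filetype_and_ext(), which inspects the file content as well as the name, and the upload directory should be served with script execution disabled.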
If you have a WordPress site that uses this plugin, update it immediately to the latest version to avoid attacks that exploit these two patched vulnerabilities.