- Over 1M Attempts to Hack WordPress in a Matter of Days – A Significant Danger - August 23, 2023
- Wikipedia Used for Malicious WikiLoader - August 22, 2023
- SpyNote Trojan Spreads in Europe - August 22, 2023
Over the past several days, there have been more than 1 million attempts to breach a well-known WordPress plugin, according to security experts. According to data provider Wordfence, the attacks started on July 14th, lasted through the weekend, and peaked on July 16th with 1.3 million attacks on 157,000 sites.
According to Wordfence, the attack took advantage of the major plugin flaw Woo Commerce Payments CVE-2023-28121 (CVSS: 9.8). An unauthenticated hacker can submit requests as a privileged user, such as an administrator, thanks to a flaw. Vulnerability in Plugin on March 23, a fix for WooCommerce Payments was released in version 5.6.2.
A remote attacker might obtain administrator access and take over a weak WordPress site if the vulnerability is exploited. According to Wordfence, the attackers attempted to install the WP Console plugin on the target sites remotely using administrator privileges. Hackers host a file uploader on the plugin WP Console to run malicious code and assure persistence.
Wordfence claimed that the firm is being targeted despite the fact that there have been over a million recorded attack attempts. According to analysts, this large-scale effort targets fewer websites than many others because it doesn’t normally assault millions of websites at once.
A vulnerability in the WooCommerce Stripe Gateway plugin for WordPress, which enables an unauthorized attacker to access the specifics of an order placed through the plugin, was previously identified by specialists of the information security firm Patchstack. Data leakage can result in further assaults including efforts at account takeover and the theft of credentials via spear-phishing emails.
A flaw in a WordPress plugin called “Ultimate Member” was also found in July, providing hackers complete access over vulnerable websites by enabling them to create new user accounts with administrator rights.