Vulnerable Plugin Puts WordPress Security at Risk

Researchers merits that a popular WordPress plugin is existence used past criminal hackers to hijack websites and redirect visitors to pages serving malware.

Vulnerabilities in WordPress plugin cause widespread damage:

Researchers from Sucuri, a security business firm, reported on Monday that vulnerabilities affecting a WordPress plugin are beingness used by hackers to compromise websites and spread malware to users' computers. According to this study, exploiting a vulnerability in Silder Revolution, over 100,000 WordPress sites have been compromised and then far. The code script planted on targeted sites loads a JavaScript malware hosted on a .ru domain.

Slider Revolution is a popular WordPress premium plugin helping users to create responsive sliders. The plugin vulnerabilities were used widely by remote attackers to download files from affected servers. The flaw in a local file inclusion (LFI) afflicted version four.1.four and earlier, and while information technology was patched by the developer, a large number of sites remain affected.

Here is how the attack happens:

Cyber hackers scan the WordPress websites to bank check which ones have Slider Revolution installed.
Once the plugin is detected, the LFI bug is exploited to enable the hacker to download thewp-config-phpfile.
The aforementioned file contains important configuration data that helps the assailant to compromise the target website.
In one case the config file is accessed, 2d Slider Revolution vulnerability is exploited. This is used to upload a malicious theme to the website injecting a second backdoor that redirects site'south company to soaksoak.ru.

Slider Revolution is being used past over thousands of websites. However, issue becomes bigger equally the plugin is wrapped into a number of WordPress theme packages making site owners completely oblivious of the fact that their sites are open to targeted attacks.

Cheque WordPress security:

In an endeavour to minimize impact on the larger internet, Google has already blacklisted over 11,000 websites afflicted past this soaksoak malware. However, WordPress websites admins can check the security of their sites by using free Sucuri scanner. The malware was showtime discovered past Sucuri in September, while it has been in works since February.

- Complete report: Sucuri