These days WordPress infections are very common. In 2021, internetlivestats.com counted over 81 million websites hacked. If you’re one of the millions, you need to take action to fix and protect your site. Of course, a hacked site will put any site owner into panic mode. This article will provide insight on what to do […]
Tag Archives: WordPress Security
WordPress 5.8.3 Security Release
On January 6th, Automattic released an important security update for the WordPress core which addresses four separate vulnerabilities. WordPress website administrators are advised to update their websites immediately. All WordPress versions between 3.7 and 5.8 are affected by this, and the security issues include SQL injection, stored XSS and object injection, which we will review […]
Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 / 7.7 Vulnerability: Privilege Escalation, SQL Injection Patched Version: 4.1.5.3 Last week, security researcher at Automattic Marc Montpas recently discovered two severe security vulnerabilities within one of the most popular SEO plugins used by WordPress website owners: All in One SEO. The plugin is used by […]
WooCommerce Credit Card Swiper Injected Into Random Plugin Files
It’s that time of year again! While website owners always need to be on guard, the holidays season is when online scams and credit card theft are most rampant. Administrators of ecommerce websites need to be extra vigilant as this case will demonstrate. This story starts much the same as many others that we discuss […]
WordPress Admin Creator – A Simple, But Effective Attack
Malicious admin users get added to vulnerable WordPress sites often. This can happen in a variety of different ways, and sometimes the malware that creates these malicious users can hide in plain sight. Injecting a malicious admin user into a WordPress site can allow attackers easy access back into a victims’ website after it has […]
WooCommerce Skimmer Spoofs Checkout Page
Recently a client of ours was reporting a bogus checkout page appearing on their website. When trying to access their “my-account” page an unfamiliar prompt appeared in their browser soliciting credit card billing information: This form was foreign to our client and was clearly placed during a website compromise. Interestingly, the website itself doesn’t even […]
Multistage WordPress Redirect Kit
Recently, one of our analysts @kpetku came across a series of semi-randomised malware injections in multiple WordPress environments. Typical of spam redirect infections, the malware redirects visitors by calling malicious files hosted on third party infected websites. Interestingly, the infection stores itself as encoded content in the database and is called through random functions littered […]
Vulnerable Plugin Exploited in Spam Redirect Campaign
Some weeks ago a critical unauthenticated privilege escalation vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. It also allows for arbitrary file uploads, which is where we have been seeing the infections start. This plugin has over 400,000 installations so we have seen a sustained campaign to infect sites with this plugin […]
An Overview of Basic WordPress Hardening
We have discussed in the past how out-of-the-box security configurations tend to not be very secure. This is usually true for all software and WordPress is no exception. While there are a plethora of different ways that site owners can lock down their website, in this post we are going to review the most basic […]
Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 1
Many clients that we work with host and operate ecommerce websites which are frequent targets of attackers. The goal of these attacks is to steal credit card details from unsuspecting victims and sell them on the black market for a profit. The online ecommerce environment is diverse, constituting many different content management system (CMS) platforms […]
