Download CryptoTab App FREE - CryptoTab is a free app for iOS and Android that pays you to browse the websites you normally would on your phone or your computer! Start earning your first Bitcoin today!

WORDPRESS PAGE BUILDER PLUGIN BUGS THREATEN 1 MILLION SITES ACROSS THE GLOBE

Posted by paul4422 on May 18th, 2020

According to expert veterans at Custom WordPress development sectors, both security bugs were threatening enough to lead you to cross-site request forgery (CSRF) and reflected cross-site scripting (XSS). This would allow the hackers to forge requests on behalf of a site administrator and execute malicious code in the administrator’s browser. Where the first issue lies in the built-in live editor within the plugin the other one was able to modify content features.

PATCHES

According to the reports, the glitches have affected Page Builder by SiteOrigin version 2.10.15. in case you are facing the same software threats then you better take some quick steps to avoid full site takeover. And for that you should upgrade plugins to version 2.10.16 for optimum convenience and better results.

You should know that to take over your site, the attacker needs to trick a site administrator into executing an action. This is more like clicking a link or an attachment to make sure the attempt made to attack is succeed.

It is happening due to the vulnerabilities occurring in WordPress plugins that are pursuing to plague. According to the last month’s report, it was discovered that legions of website visitors could be infected with drive-by malware. Well, among those issues only CSRF bug in Real-Time Search and Replace. In the same month it was also discovered that a pair of security vulnerabilities were suspected in the WordPress search engine optimization (SEO) plugin known as Rank Math, were found. This was enabling convenience to remote cybercriminals to elevate privileges and install malicious redirects onto a target site. And according to the veterans, RankMath is a WordPress plugin with more than 200,000 installations.

Earlier in March, another glitch was reported as “ThemeREX Addons”. This was considered as a critical vulnerability in a WordPress plugin that could open the door for remote code execution in 44,000 websites in one-go. The two vulnerabilities that were reported includes high-severity flaw that was patched in a popular WordPress plugin called Popup Builder. And the other more severe flaw holds the ability to enable an unauthenticated attacker to infect malicious JavaScript into a popup. These two vulnerability could risk opening more than 100,000 websites to takeover.

And if you go through February’s calendar, you’d know the popular WordPress plugin Duplicator, which has more than 1 million active installations, was discovered to have an unauthenticated arbitrary file download vulnerability that was being attacked. And not only that but earlier that month, a major flaw was detected in a popular WordPress plugin that use to mark website complaints related to the General Data Protection Regulation (GDPR). Well, it was also disclosed soon as the company got to know it could enable attackers to modify content or inject malicious JavaScript code into victim websites. Even after the threat was discovered, it successfully managed to affect 700,000 sites.

Also See: Wordpress Plugin, Popular Wordpress, Page Builder, Version 2, Wordpress, Plugin, Site

WordPress Plugins and Themes - WP Marketer Tools
WordPress Themes and Plugins To Help Grow Your Online Business and Make It More Efficient.
CryptoTab Browser - Easy way for Bitcoin Mining | CryptoTab Browser
CryptoTab Browser is the world's first web browser with built-in mining features. Familiar Chrome user interface is perfectly combined with extremely fast mining speed. Mine and browse at the same time!

Quality Office Furniture USA Shipped Direct - Madison Liquidators
Nationwide vendor of quality office furnishings including Desks, Office Chairs, Conference Tables, Cubicles and more!

Lolli: Earn Free Bitcoin When You Shop Online!
Lolli is a rewards application that gives you bitcoin for shopping at your favorite online stores.

Advertise Here