WORDPRESS PAGE BUILDER PLUGIN BUGS THREATEN 1 MILLION SITES ACROSS THE GLOBE
Posted by paul4422 on May 18th, 2020
According to expert veterans at Custom WordPress development sectors, both security bugs were threatening enough to lead you to cross-site request forgery (CSRF) and reflected cross-site scripting (XSS). This would allow the hackers to forge requests on behalf of a site administrator and execute malicious code in the administrator’s browser. Where the first issue lies in the built-in live editor within the plugin the other one was able to modify content features.
According to the reports, the glitches have affected Page Builder by SiteOrigin version 2.10.15. in case you are facing the same software threats then you better take some quick steps to avoid full site takeover. And for that you should upgrade plugins to version 2.10.16 for optimum convenience and better results.
You should know that to take over your site, the attacker needs to trick a site administrator into executing an action. This is more like clicking a link or an attachment to make sure the attempt made to attack is succeed.
It is happening due to the vulnerabilities occurring in WordPress plugins that are pursuing to plague. According to the last month’s report, it was discovered that legions of website visitors could be infected with drive-by malware. Well, among those issues only CSRF bug in Real-Time Search and Replace. In the same month it was also discovered that a pair of security vulnerabilities were suspected in the WordPress search engine optimization (SEO) plugin known as Rank Math, were found. This was enabling convenience to remote cybercriminals to elevate privileges and install malicious redirects onto a target site. And according to the veterans, RankMath is a WordPress plugin with more than 200,000 installations.
WordPress Plugins and Themes - WP Marketer Tools
WordPress Themes and Plugins To Help Grow Your Online Business and Make It More Efficient.