Malware Exploiting Unpatched WordPress Plugin Vulnerabilities Hits Thousands of Sites

Malware Exploiting Unpatched WordPress Plugin Vulnerabilities Hits Thousands of Sites

A recently discovered malware has infected hundreds, potentially thousands, of WordPress sites through unpatched vulnerabilities in 30 different plugins, according to security firm Dr.Web. The Linux-based malware installs a backdoor that redirects visitors to malicious sites and can disable event logging, go into standby mode, and shut itself down. It exploits vulnerabilities in plugins that add functionality to the core WordPress content management system, such as live chat or metrics reporting. More than 1,300 sites have been found to contain the JavaScript that powers the malware, though some may have removed it since the last scan. The malware, which has been in use for potentially three years, comes in two versions: Linux.BackDoor.WordPressExploit.1 and Linux.BackDoor.WordPressExploit.2. Criminals often use infected sites to redirect visitors to sites used for phishing, ad fraud, and distributing malware. WordPress site owners should ensure that they are using the most current versions of the main software and any plugins.

Below is a list of WordPress Plugins that have been exploited.

  1. Rich Reviews plugin
  2. Poll, Survey, Form & Quiz Maker by OpinionStage
  3. WordPress Coming Soon Page
  4. WP Live Chat
  5. WooCommerce
  6. WordPress theme OneTone
  7. WordPress ND Shortcodes For Visual Composer
  8. WordPress – Yuzo Related Posts
  9. Yellow Pencil Visual Theme Customizer Plugin
  10. Google Code Inserter
  11. WP Quick Booking Manager
  12. FV Flowplayer Video Player
  13. Easysmtp
  14. Post Custom Templates Lite
  15. Brizy WordPress Plugin
  16. WP Live Chat Support Plugin
  17. Simple Fields WordPress Plugin
  18. WordPress Delucks SEO plugin
  19. WPeMatico RSS Feed Fetcher
  20. Facebook Live Chat by Zotabox
  21. Blog Designer WordPress Plugin
  22. Hybrid
  23. Total Donations Plugin
  24. Coming Soon Page and Maintenance Mode
  25. Newspaper Theme on WordPress Access Control (vulnerability CVE-2016-10972)
  26. WordPress Ultimate FAQ (vulnerabilities CVE-2019-17232 and CVE-2019-17233)
  27. WP-Matomo Integration (WP-Piwik)
  28. Social Metrics Tracker
  29. WP GDPR Compliance Plugin
  30. Thim Core

Owners of websites running on WordPress backend should check the plugins listed above for updates or patches.

Reference: https://news.drweb.com/show/?i=14646&lng=en&c=23

Get your daily updates on tech news. Click the button below.

Follow Us on Google News



You May Also Like