A critical vulnerability in a WordPress plugin under active attack, risking over 17,000 websites
A critical vulnerability in a WordPress plugin under active attack, risking over 17,000 websites
A zero-day vulnerability allows attackers to upload malicious files on e-commerce websites, eventually taking over their databases for customer information.
advertisement
(Image for representation: Reuters)
A new security risk has been discovered by the Threat Intelligence team at Wordfence.
The vulnerability affects a WordPress plugin that allows the upload of images and PDF files for products.
A threat report states that it is under active attack since January 30, 2021.
A new vulnerability has been found in a WordPress plugin that affects over 17,000 websites. The vulnerability is actively being exploited to collect customer information from these e-commerce sites.
How to create a website: The 2021 step-by-step guide zdnet.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from zdnet.com Daily Mail and Mail on Sunday newspapers.
12 February 2021, 10:13 pm EST By WordPress Data Breach Could Affect 100,000 Exposed Websites After Using Responsive Menu Plugin ( Screenshot From Pxhere Official Website )
Certain critical and also high severity vulnerabilities within the known Responsive Menu WordPress plugin that was responsible for exposing over 100,000 sites to certain takeover attacks that were also reportedly discovered by Wordfence. Responsive Menu is actually a WordPress Plugin that is initially designed in order to help admins be able to create W3C compliant as well as mobile-ready responsible site menus.
WordPress vulnerability
While the plugin description on WordPress seems completely normal, the new information regarding the particular exposure by Bleeping Computer notes otherwise. In all, it was said that the Wordfence Threat Intelligence team were actually able to fi