Communications of the ACM

Home/News/Millions of WordPress Sites Are Being Probed, Attacked.../Full Text

ACM TechNews

Millions of WordPress Sites Are Being Probed, Attacked With Recent Plugin Bug

By ZDNet
September 16, 2020
Comments

View as: Print Mobile App Share:

Millions of WordPress sites have been attacked by hackers exploiting a zero-day vulnerability in the "File Manager" WordPress plugin, according to Defiant Inc.

Credit: WordPress.org

Defiant Inc., which produces the Wordfence Web firewall, reported that millions of WordPress sites have been attacked by hackers exploiting a zero-day vulnerability in the "File Manager" WordPress plugin.

The zero-day vulnerability enables attackers to upload malicious files on a site running an older version of the plugin.

Defiant's Ram Gall said the firm had blocked attacks against more than 1.7 million sites since the attacks were first detected on Sept. 1.

However, given that WordPress is installed on hundreds of millions of sites, Gall said the true scale of the attacks likely is much larger.

The File Manager developer team has created and released a patch for the zero-day vulnerability.

From ZDNet
View Full Article

No entries found

Millions of WordPress Sites Are Being Probed, Attacked With Recent Plugin Bug

Bitcoin ETFs Have Arrived. Here's Who Stands to Get Rich

Undergraduate Computer Science Curricula

'On Expert Testimony': A Response