Security alarm from the security company Sucuri, for its website owners platformς WordPress using its theme OptimizePress. According to the company a vulnerability in the upload function files in the OptimizePress theme allowed attackers to infect thousands of websites.
Vulnerability uses the media-upload.php file in the path /lib/admin/ and allows anyone to upload any kind of files to the path “files/optpress/images_comingsoon.”
Sucuri technicians have identified more than 2.000 websites that use the Optimizepress theme and have been tampered with. All sites are injected with iFrame leading to a malicious domain.
Almost 75% of the infected websites have already been blacklisted as safe tourof Google.
If you are using the above topic, we suggest that you upgrade to the latest version. Otherwise, you'll find yourself with a malware site.