If you're using plugins on your WordPress site, it's time to take a look at what you're using. Ars Technica reports that hackers are currently attacking 30 plugins with known security holes.
Over 40% of websites use WordPress, a very popular website content management system (CMS). One of the reasons it is so popular is that it can easily be extended with plugins, of which there are tens of thousands.
If WordPress itself is kept up to date and protected by two-factor authentication, it is fairly secure. So in recent years, malicious actors have focused more on attacks through security holes in plugins.
Plugins are created by third parties and vary widely in quality. Some are updated frequently, while others are no longer maintained. Some are so popular that they have teams of paid staff, regular security update cycles, and millions of users, while others were written by a single developer who has since abandoned them. And while WordPress itself is regularly patched for security issues, plugin updates are far less certain.
So news of malware targeting out-of-date plugins comes as no surprise. Researchers even report that the malware used in these attacks may have been around for three years.
Ars Technica reports that once a vulnerable website is identified, attackers inject malicious scripts into its pages, which redirect visitors to malicious websites.
According to Dr Web's research, the attacks exploit unpatched versions of the following plugins or themes:
- WP Live Chat Support Plugin
- WordPress – Yuzo Related Posts
- Yellow Pencil Visual Theme Customizer Plugin
- WP GDPR Compliance Plugin
- Newspaper Theme on WordPress Access Control (vulnerability CVE-2016-10972)
- Tim Core
- Google Code Inserter
- Total Donations Plugin
- Post Custom Templates Lite
- WP Quick Booking Manager
- Facebook Live Chat by Zotabox
- Blog Designer WordPress Plugin
- WordPress Ultimate FAQ (vulnerabilities CVE-2019-17232 and CVE-2019-17233)
- WP-Matomo Integration (WP-Piwik)
- WordPress ND Shortcodes For Visual Composer
- WP Live Chat
- Coming Soon Page and Maintenance Mode
- Brizy WordPress Plugin
- FV Flowplayer Video Player
- WordPress Coming Soon Page
- WordPress theme OneTone
- Simple Fields WordPress Plugin
- WordPress Deluxe SEO plugin
- Poll, Survey, Form & Quiz Maker by OpinionStage
- Social Metrics Tracker
- WPeMatico RSS Feed Fetcher
- Rich Reviews plugin
Needless to say, if you are using any of the above, you should remove it immediately and check your site for malicious code.
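As an added example (not from the article, Ars Technica or Dr Web), here is a small Python check for the two symptoms the article describes: script tags that load code from a host other than your own site, and inline scripts that redirect the browser. `SAMPLE_HTML` is a constructed page, and `site_host` and `allowed_hosts` are assumed parameters you supply for your own site.

```python
import re
from urllib.parse import urlparse

# Constructed sample page: one legitimate same-site script, one injected
# external loader, one inline redirect, and one harmless inline script.
SAMPLE_HTML = """
<html><head>
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script src="https://cdn.example-bad.invalid/loader.js"></script>
<script>window.location.href="https://landing.example-bad.invalid/";</script>
<script>console.log("benign inline");</script>
</head><body>hello</body></html>
"""

SCRIPT_TAG = re.compile(r"<script\b([^>]*)>(.*?)</script>", re.I | re.S)
SRC_ATTR = re.compile(r"""\bsrc\s*=\s*["']([^"']+)["']""", re.I)
# Patterns that send the visitor somewhere else as soon as the script runs
REDIRECT = re.compile(
    r"(window|document)\.location(\.href)?\s*=|location\.replace\(", re.I)


def find_suspicious_scripts(html, site_host, allowed_hosts=()):
    """Return (kind, detail) pairs for script tags that warrant review.

    kind is 'external-src' for scripts loaded from a host that is neither
    the site itself nor in allowed_hosts, or 'inline-redirect' for inline
    scripts that contain a browser redirect.
    """
    site_host = site_host.lower()
    allowed = {h.lower() for h in allowed_hosts}
    findings = []
    for attrs, body in SCRIPT_TAG.findall(html):
        src_match = SRC_ATTR.search(attrs)
        if src_match:
            src = src_match.group(1)
            # Relative paths have an empty netloc and are same-site by definition
            host = urlparse(src).netloc.lower()
            if host and host != site_host and host not in allowed:
                findings.append(("external-src", src))
        elif REDIRECT.search(body):
            findings.append(("inline-redirect", body.strip()[:80]))
    return findings


if __name__ == "__main__":
    for kind, detail in find_suspicious_scripts(SAMPLE_HTML, "example.com"):
        print(f"{kind}: {detail}")
```

Run it over the rendered HTML of your own pages (for example, saved with curl) and add any CDN hosts you deliberately use to `allowed_hosts`; anything left in the output deserves a manual look.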