Technology Today

More popular WordPress plugins are being attacked

   Download Android App    Share in      FullScreen   CheckVideos

Cybercriminals are paying close attention to the security flaws that were recently discovered in several popular WordPress plugins and they have begun to target websites that still run vulnerable versions of them.According to BleepingComputer, at least two threat actors are actively attacking unpatched versions of the ThemeGrill Demo Importer, Profile Builder and Duplicator plugins.
What these three plugins have in common is the fact that they were all revealed to contain a critical security bug that could be exploited in recent reports.Researchers estimate that there are hundreds of thousands of WordPress sites that are currently at risk of being exploited because their admins have not yet patched these three plugins.One of the threat actors, who goes by the handle 'tonyredball', is exploiting two of these vulnerable plugins to obtain backdoor access.
Tonyredball was observed exploiting the administrator registration vulnerability in Profile Builder by using requests that contained the username, email and other profile details of the new administrator account, according to WordPress security experts at Defiant.However, the researchers also noted that tonyredball has launched a number of attacks which take advantage of the database deletion flaw in older versions of the ThemeGrill Demo Importer plugin.Another threat actor exploiting vulnerable WordPress plugins is identified by Defiant as 's olarsalvador1234' because of an email address used in the requests leading to exploitation.In addition to targeting ThemeGrill Demo Importer and Profile Builder, this threat actor is also exploiting unpatched flaws in Duplicator which is a plugin that allows websites to be cloned and migrated to other locations.Duplicator versions lower than 1.3.28 have been found to contain a security bug that allows unauthenticated users to download arbitrary files from victim sites.
By exploiting the bug, an attacker can retrieve a site's configuration file (wp-config.php) where the credentials for database access are stored.
This allows a threat actor like solarsalvador1234 to establish long-term access to a compromised site.According to update rates, Defiant estimates that around 800,000 sites may still run a vulnerable version of the Duplicator plugin.If you're WordPress site is running an older version of ThemeGrill Demo Importer, Profile Builder or Duplicator, it is highly recommended that you update to the latest version as soon as possible to prevent falling victim to these kinds of attacks.Via BleepingComputer




Unlimited Portal Access + Monthly Magazine - 12 issues

Contribute US to Start Broadcasting - It's Voluntary!

ADVERTISE

Merchandise (Peace Series)

 

Dyson launches Spring Event sale with £150 off 'brilliant' Pure Cool fan

Wordle today: Answer and tips for popular word video game on Friday April 4, 2025

Sky's 50p per day TV and Netflix pack can help Brits avoid April bill increases

WhatsApp verifies 'long-awaited' upgrade is coming to your phone this month

Wordle today: Answer and hints for popular word video game on Thursday April 3, 2025

Google Pixel 9a offers as EE, Sky and O2 launch strategies consisting of a big freebie

Sky Mobile offers Apple MacBook Air M4 for £22 a month in cost-splitting plan

Amazon knocks ₤ 100 off iPhone 16 Pro in unusual flash offer

Argos is dispensing Sky television rival at a more cost effective rate - act now or miss out

Wordle today: Answer and tips for popular word game on Wednesday April 2, 2025

Leading Tech: Our preferred mobile and SIM just deals to help beat the April price walkings

Beat mobile provider April rate walkings with Sky's half-price data strategies

Your iPhone simply got a huge free upgrade from Apple - check the settings now

UK WhatsApp users put on red alert and ignoring new advice could be 'devastating'

Wordle today: Answer and hints for popular word game on Tuesday April 1, 2025

Sky offers £120 saving for broadband and TV billpayers ahead of April price hike

Amazon consumers switch iPad for ₤ 39 Fire tablet in last possibility Spring Sale offer stack

Details
Category: Technology Today