Hackers exploit critical vulnerability found in ~100,000 WordPress sites

by
Dan Goodin
from Ars Technica - All content on (#4ZHK0)
hacked-640x438.jpg

(credit: Pixy)

Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites.

The flaw is in the ThemeGrill Demo Importer installed on some 100,000 sites, and it was disclosed over the weekend by Website security company WebARX. By Tuesday, WebArx reported that the flaw was under active exploit with almost 17,000 attacks blocked so far. Hanno Bick, a journalist who works for Golem.de, also spotted active attacks and reported them on Twitter.

If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)

- hanno (@hanno) February 18, 2020

"There's currently a severe vuln in a wordpress plugin called "themegrill demo importer" that resets the whole database," Bick wrote. "https://webarxsecurity.com/critical-issue-in-themegrill-demo-importer/ It seems attacks are starting: Some of the affected webpages show a wordpress 'hello world'-post. /cc If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)"

Read 8 remaining paragraphs | Comments

index?i=LPPp2gP0BFE:Fcdw8ObOMaA:V_sGLiPB index?i=LPPp2gP0BFE:Fcdw8ObOMaA:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments