The wide options of plugins make WordPress blogging and CMS tool mainly customizable web platform out there but due to ample availability of plugins is making it easier for attackers. Hence WordPress is being targeted by attackers lately.
Some plugins can have security holes that let attackers hijack your WordPress site. This time, a popular plugin MailPoet is targeted by attackers. According to Daniel Cid from Sucuri security firm, attackers are using malware to infect sites, this malware is also infecting other wordpress sites that doesn’t have MailPoet installed on them. The security hole in MailPoet can directly affect WordPress server. The latest update of MailPoet version 2.6.7 fixes this problem.
Cid has posted on his blog that, “MailPoet susceptibility can affect your site irrespective of whether you have MailPoet enabled in your blog or not. If your WordPress site resides on same server which contains infected site, it is more likely to infect your site too. Cross contamination is taking place here. The risk of attack is very high as MailPoet has over two million downloads. Users must update all plugins.”
In other news, brute force attack is taking place against WordPress sites. Attackers try amalgamation of username and passwords to get access to site in brute force attacks. There are many reports about brute force attack on WordPress sites. WordPress had pushed update with XML RPC (Remote Procedure Call) ping back function in March to fight against DDoS (Denial of service) attacks. This new brute force attack bypasses XML RPC patch.
According to reported attack in March, attackers trying to make use of XLM RPC in WordPress. The researchers of SANS Institute Internet Storm Center have done a study on this case. XML RPC function lets users track if their content is getting linked. wp.getUsersBlogs contains data of administrator and contributors of blog, attackers are abusing this function as well.
Experts recommend to update all plugins and make sure they’re fully patched. Users affected by these attacks should follow Hardening WordPress guide that helps to fight against brute force attacks.
