Disclosed WordPress vulnerability affects current 4.9.6 and earlier WordPress versions

Recently disclosed WordPress vulnerability made a massive shock to some WordPress community members. It’s not the vulnerability itself. Some users were shocked by the fact that it was already reported to the WordPress Security team about seven months ago. Well, let’s analyze everything step by step.

Disclosed WordPress vulnerability

First of all, relax. I can say that most of the WordPress sites are not affected by this vulnerability. In order to exploit this vulnerability, certain conditions are required. In this case, an attacker must have sufficient rights to edit and delete media files (for example “author” role or any custom role with the previously mentioned rights). There are several possible ways to affect site security by exploiting this vulnerability.

Continue reading Disclosed WordPress vulnerability affects current 4.9.6 and earlier WordPress versions

WordPress plugins for WooCommerce by Multidots endangered thousands of online stores

Multidots Inc. is a software development company from India that has developed a wide range of various WordPress plugins. About a month ago ThreatPress Security Research Team found a lot of vulnerabilities in ten plugins designed by Multidots to extend the capabilities of WooCommerce. As you can understand, these plugins designed for online stores powered by WooCommerce / WordPress. ThreatPress notified the Multidots instantly about the issues with their WordPress plugins, usually developer fixes problem as soon as possible, but in this case, everything went quite a different way.

Vulnerable plugins by Multidots

So, overall ThreatPress found that there are ten vulnerable plugins. All of them hosted on WordPress.org plugin repository. Here’s the list of these plugins (plugin name, active installs and vulnerability type):

Continue reading WordPress plugins for WooCommerce by Multidots endangered thousands of online stores

Exploitation of hacked websites for cryptocurrency mining gains popularity

Exploitation of hacked websites for cryptocurrency mining is a new thing, and it gets more popular day by day. Hacking websites for fun or other reasons like spamming, other exploitation is a thing of the past. All previous exploitation methods of hacked sites are outdated, have low-profit margins (except stealing of CC credentials and similar data) and incompatible with the modern trends. Now everyone wants cryptocurrencies, everyone obsessed about crypto money and everyone is ready to do anything to get it.

Coinhive JavaScript miner for the Monero Blockchain

Coinhive offers a JavaScript that anyone can easily embed to websites. This Javascript is a Monero Blockchain miner that uses the CPU power of website visitor PC for predefined calculations. You turn your PC into cryptocurrency mining machine when you visit the website equipped with Coinhive JavaScript mining.

Continue reading Exploitation of hacked websites for cryptocurrency mining gains popularity