50,000 Websites Hacked Through Critical WordPress Vulnerability.

Over 50,000 websites have been compromised within the first three weeks following the disclosure of a critical vulnerability in the MailPoet plugin (formerly known as Wysija Newsletter) for WordPress.

The vulnerability allows an unauthenticated attacker to upload arbitrary files, including PHP scripts, to the server. Because the web server will execute those scripts, successful exploitation gives the attacker code execution on the WordPress host and, from there, complete control of the website.

The popularity of the plugin (over 1.7 million downloads) has attracted the attention of malware authors, who have already seized the opportunity to create a worm that propagates via vulnerable WordPress installations [1].

The initial patch for the vulnerability did not fully fix the problem, so we recommend that users of the plugin apply the 2.6.9 update even if they patched following the initial disclosure. Note that updating closes the hole but does not remove anything an attacker has already uploaded: a site that was exposed should also be checked for unexpected PHP files under its uploads directory.
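As an added example (not code from the original advisory, from MailPoet or from AppCheck), the following Python script performs the two checks a WordPress administrator would want after reading the above: it reads the installed MailPoet version from the plugin's readme.txt and flags anything older than 2.6.9, and it walks wp-content/uploads looking for files the web server would execute as PHP. The plugin directory slug wysija-newsletters, the list of executable extensions and the sample site built by demo() are assumptions of this example, not details taken from the advisory.

```python
import re
import tempfile
from pathlib import Path

# Version the advisory says to install; anything older is treated as unpatched.
FIXED_VERSION = (2, 6, 9)

# Assumed plugin directory slug and assumed set of extensions a PHP-enabled
# web server executes. Both are assumptions of this example, not facts from
# the advisory.
PLUGIN_DIR = Path("wp-content") / "plugins" / "wysija-newsletters"
EXECUTABLE_EXTS = {".php", ".php3", ".php4", ".php5", ".phtml", ".phar"}


def parse_version(text):
    """'2.6.7' -> (2, 6, 7); missing components are padded with zeros.
    Returns None for non-numeric tags such as 'trunk'."""
    parts = [int(p) for p in re.findall(r"\d+", text)]
    if not parts:
        return None
    return tuple((parts + [0, 0, 0])[:3])


def parse_stable_tag(readme_text):
    """Return the 'Stable tag:' version from a plugin readme.txt, or None."""
    m = re.search(r"^Stable tag:\s*([\w.]+)", readme_text, re.M | re.I)
    return parse_version(m.group(1)) if m else None


def is_unpatched(version):
    """Unknown versions are treated as unpatched so the check fails safe."""
    return version is None or version < FIXED_VERSION


def find_executable_uploads(docroot):
    """List files under wp-content/uploads that the server would execute.
    Every suffix is examined, so 'avatar.php.jpg' is flagged as well, since
    some Apache handler configurations execute that too."""
    docroot = Path(docroot)
    uploads = docroot / "wp-content" / "uploads"
    if not uploads.is_dir():
        return []
    hits = []
    for path in uploads.rglob("*"):
        if not path.is_file():
            continue
        if any(s.lower() in EXECUTABLE_EXTS for s in path.suffixes):
            hits.append(path.relative_to(docroot).as_posix())
    return sorted(hits)


def audit_site(docroot):
    """Combine the version check and the uploads scan for one document root."""
    docroot = Path(docroot)
    readme = docroot / PLUGIN_DIR / "readme.txt"
    installed = readme.is_file()
    version = parse_stable_tag(readme.read_text()) if installed else None
    return {
        "installed": installed,
        "version": version,
        "unpatched": installed and is_unpatched(version),
        "executable_uploads": find_executable_uploads(docroot),
    }


def demo():
    """Build a constructed, throw-away document root and audit it. The readme
    text, version number and file names below are invented sample data."""
    root = Path(tempfile.mkdtemp(prefix="wp-demo-"))
    (root / PLUGIN_DIR).mkdir(parents=True)
    (root / PLUGIN_DIR / "readme.txt").write_text(
        "=== MailPoet Newsletters ===\nStable tag: 2.6.7\n")
    media = root / "wp-content" / "uploads" / "2014" / "07"
    media.mkdir(parents=True)
    (media / "photo.jpg").write_bytes(b"\xff\xd8\xff")          # benign upload
    (media / "index.php").write_text("<?php echo 1;")          # dropped script
    (media / "avatar.php.jpg").write_text("<?php echo 2;")     # double extension
    return audit_site(root)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it against a real site by calling audit_site("/var/www/html") (or wherever the WordPress document root lives); a non-empty executable_uploads list is worth investigating regardless of the plugin version, since an earlier compromise survives the update.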

Scanning WordPress with AppCheck NG

The AppCheck NG system has a dedicated WordPress module designed to identify vulnerable plugins and configuration weaknesses.

Sign up now for a free trial to scan your websites and applications; Register HERE

Download Appcheck NG Brochure; Brochure Download

Download Appcheck NG Sample Report; Example Appcheck NG Webscan

Exploit

An exploit for the vulnerability has been published for the Metasploit Framework; Exploit Link

References

[1] Malware Infection; link

[2] Original Advisory; link
