Security News > 2022 > July > Thousands of websites run buggy WordPress plugin that allows complete takeover

Thousands of websites run buggy WordPress plugin that allows complete takeover
2022-07-15 19:15

Miscreants have reportedly scanned almost 1.6 million websites in attempts to exploit an arbitrary file upload vulnerability in a previously disclosed buggy WordPress plugin.

Wordfence disclosed the flaw almost three months ago, and in a new advisory this week warned that criminals are increasing attacks - the WordPress security shop claims it blocked an average of 443,868 attack attempts per day on its customers' sites.

2.58.149.35 with 390,815 exploit attempts blocked.

5.39.15.163 with 62,376 exploit attempts blocked.

194.87.84.195 with 32,890 exploit attempts blocked.

194.87.84.193 with 31,329 exploit attempts blocked.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/07/15/buggy_wordpress_plugin/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 93 44 18 157
Plugin 2 0 13 1 0 14