Security News > 2022 > September > Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability
A zero-day flaw in the latest version of a WordPress premium plugin known as WPGateway is being actively exploited in the wild, potentially allowing malicious actors to completely take over affected sites.
Tracked as CVE-2022-3180, the issue is being weaponized to add a malicious administrator user to sites running the WPGateway plugin, WordPress security company Wordfence noted.
"Part of the plugin functionality exposes a vulnerability that allows unauthenticated attackers to insert a malicious administrator," Wordfence researcher Ram Gall said in an advisory.
WPGateway is billed as a means for site administrators to install, backup, and clone WordPress plugins and themes from a unified dashboard.
In the absence of a patch, users are recommended to remove the plugin from their WordPress installations until a fix is available.
The development comes days after Wordfence warned of in-the-wild abuse of another zero-day flaw in a WordPress plugin called BackupBuddy.
News URL
https://thehackernews.com/2022/09/over-280000-wordpress-sites-attacked.html
Related news
- Zero-Day Vulnerability in Ivanti VPN (source)
- Critical zero-days impact premium WordPress real estate plugins (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-11 | CVE-2022-3180 | The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.5. | 0.0 |