Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability (Security News, September 2022)
A zero-day flaw in the latest version of a WordPress premium plugin known as WPGateway is being actively exploited in the wild, potentially allowing malicious actors to completely take over affected sites.
Tracked as CVE-2022-3180, the issue is being weaponized to add a malicious administrator user to sites running the WPGateway plugin, WordPress security company Wordfence noted.
"Part of the plugin functionality exposes a vulnerability that allows unauthenticated attackers to insert a malicious administrator," Wordfence researcher Ram Gall said in an advisory.
WPGateway is billed as a means for site administrators to install, back up, and clone WordPress plugins and themes from a unified dashboard.
In the absence of a patch, users are recommended to remove the plugin from their WordPress installations until a fix is available.
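The exploitation Wordfence describes leaves a durable artifact on the site: an administrator account the owner never created. The following is an added example, not code from the article or from Wordfence, that audits rows in the shape of WordPress's wp_users and wp_usermeta tables and flags administrator accounts missing from an allowlist or registered on or after a chosen date; the sample rows, logins and dates are constructed.

```python
import re
from datetime import datetime

# Constructed sample rows shaped like wp_users / wp_usermeta (not data from the article).
WP_USERS = [
    {"ID": 1, "user_login": "siteowner", "user_registered": "2019-03-02 10:15:00"},
    {"ID": 7, "user_login": "editor_jane", "user_registered": "2021-06-11 08:00:00"},
    {"ID": 42, "user_login": "wpadmin_backup", "user_registered": "2022-09-08 03:12:44"},
]
WP_USERMETA = [
    {"user_id": 1, "meta_key": "wp_capabilities", "meta_value": 'a:1:{s:13:"administrator";b:1;}'},
    {"user_id": 7, "meta_key": "wp_capabilities", "meta_value": 'a:1:{s:6:"editor";b:1;}'},
    {"user_id": 42, "meta_key": "wp_capabilities", "meta_value": 'a:1:{s:13:"administrator";b:1;}'},
]

# WordPress stores roles as a PHP-serialized array; each enabled role appears as s:<len>:"<role>";b:1;
ROLE_RE = re.compile(r's:\d+:"([^"]+)";b:1;')


def roles_from_capabilities(serialized):
    """Return the set of role slugs enabled in a wp_capabilities value."""
    return set(ROLE_RE.findall(serialized))


def find_unexpected_admins(users, usermeta, known_admins, not_before=None, prefix="wp_"):
    """Return (login, reasons) for administrator accounts that are not in the allowlist
    or were registered on/after not_before ("YYYY-MM-DD", e.g. when exploitation began)."""
    cap_key = prefix + "capabilities"  # meta_key carries the site's table prefix
    cutoff = datetime.strptime(not_before, "%Y-%m-%d") if not_before else None
    roles_by_id = {m["user_id"]: roles_from_capabilities(m["meta_value"])
                   for m in usermeta if m["meta_key"] == cap_key}
    findings = []
    for u in users:
        if "administrator" not in roles_by_id.get(u["ID"], set()):
            continue
        registered = datetime.strptime(u["user_registered"], "%Y-%m-%d %H:%M:%S")
        reasons = []
        if u["user_login"] not in known_admins:
            reasons.append("not in allowlist")
        if cutoff and registered >= cutoff:
            reasons.append("registered on or after " + not_before)
        if reasons:
            findings.append((u["user_login"], reasons))
    return findings


if __name__ == "__main__":
    for login, reasons in find_unexpected_admins(WP_USERS, WP_USERMETA, {"siteowner"}, "2022-09-01"):
        print(f"REVIEW admin '{login}': {', '.join(reasons)}")
```

On a live site the same rows can be pulled with `wp db query` or a direct SELECT on wp_users joined to wp_usermeta; removing an unexpected administrator should be paired with rotating credentials and checking for other persistence.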
The development comes days after Wordfence warned of in-the-wild abuse of another zero-day flaw in a WordPress plugin called BackupBuddy.
News URL: https://thehackernews.com/2022/09/over-280000-wordpress-sites-attacked.html