Monday, December 4, 2023

WordPress Websites Hit by a Barrage of Attacks

Attackers exploit the vulnerability of the Yuzo Related Posts plugin.Email automation service Mailgun has added a long list of companies that were victims of large-scale coordinated attacks on websites run by WordPress on Wednesday, April 10.

In the course of the attacks, attackers exploited the vulnerability in the Yuzo which allows cross-site scripting (XSS). With the help of this plugin, attackers have applied code into vulnerable sites which redirected visitors to a variety of malicious resources, including fake support sites, malware disguised as updates, and advertising.

Mailgun is far from being the only victim of the mass attack on websites with a vulnerable plugin. Incidents could well have been avoided if the researcher who discovered the vulnerability had first notified the developer and only then published his PoC (Proof Of Concept) exploit.

According to Vlad, CEO at ITRate.co, and WordPress expert, due to the publication of PoC-exploit on the same day, the plugin had to be removed from the official WordPress plugin repository until a patch was released. However, many websites that use the Yuzo Related Posts still remain vulnerable. According to WordPress.org, at the time of the plugin removal from the repository, it was installed on 60,000 websites.

On April 10, the attacks were hailed, and a Yuzo Related Posts developer desperately urged website owners to immediately remove the problematic plugin. According to Defiant specialists, one of the factions actively exploiting vulnerabilities in Easy WP SMTP and Social Warfare plugins is behind the attacks.

What was the Plugin Intended for?

Internal linking – what does it give? How can you build one? What is it for? One of the positive moments is to increase the usability of a website, i.e. ease of use. Placing internal links in the text of an article or as a block of similar articles (or even better – by using both), will significantly improve the visitors’ behavioral factors.

Increasing usability and behavioral factors of visitors require a comprehensive approach. Creating a convenient search on a website or a favicon also moves us forward in this direction. Everything is interconnected. By improving one thing, we positively influence other factors in promoting our website.

Using meaningfully the internal linking alone, you can move your articles for low-frequency requests up to the top search results. Of course, the competitiveness of a request factor is also the case here.

Related Read

Zero-day Stored XSS Vulnerability in WordPress Social Share Plug-in let Hackers to Compromise 70,000 Websites

Hackers Using WordPress and Joomla Sites to Distribute Shade Ransomware

Website

Latest articles

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles