There are a variety of plug ins on the word press site that are being overtaken by hackers. Many of the plug ins were designed to help site owners have more control over what they use it for and what audience they reach but hackers have been able to log in and create their own accounts giving them control of all of that information that is supposed to be secure. Among the most popular plug ins the duplicator at the top of the list.
- The Duplicator plugin boasts over a million installs, but a bug permitted attackers to export site contents.
- Several plugins and add-ons suffered zero-day exploits, meaning the vulnerabilities weren’t known to developers.
- A bug in ThemeGrill Demo Importer allowed attackers to hijack the admin account.
“Many of the attacks against WordPress sites last month involve hackers trying to hijack sites by targeting recently-patched plugin bugs.”