Information Security, securing the digital world. Blogs, talks, videos, discussions, and tips on digital security.
WordPress plugin with 10,000+ installations being exploited in the wild
WordPress plugin with 10,000+ installations being exploited in the wild
A growing number of WordPress websites have been infected by attackers exploiting a vulnerability that remains unpatched in a widely used plugin called WP Mobile Detector, security researchers warned. The attacks have been under way since last Friday and are mainly being used to install porn-related spamming scripts, according to a blog post published Thursday.
co.uk




Ouch!
For real! I understand WordPress don't want to prevent people from contributing plugins... But seriously, they need to start cracking down on these exploitable plugins. WordPress itself (considering it's huge user-base and application across the web) is pretty solid. These high-profile hacks are just contributing to WP's bad name.