Old WordPress Plugin Vulnerable to RCE Attacks
By Anirudh Madhav

Researchers have discovered that attackers are abusing a vulnerability in an outdated version of a WordPress plugin called Duplicator. The Duplicator plugin, a migration software facilitates migration of the site by duplicating the site. All Duplicator plugins earlier than version 1.2.42 are vulnerable to the attack.

Researchers are Sucuri has seeing an increase in the number of attacks, where hackers either removed or rewrote the wp-confif.php file. A researcher with Sucuri said that the attack can be eliminated by removing the installer.php file as it is not a vital file after migration.

Read More…..

Share

Twitter

Tumblr

Facebook

Digg

Flickr

Instagram

LinkedIn

Pinterest

StumbleUpon

Vimeo

YouTube

Contact Me

   

Email This Page