Tuesday the FBI issued a warning to all WordPress Operators that recent vulnerabilities are being widely exploited and you should ensure all WordPress installations are up-to-date as well as any plugins they may utilize.
Researchers continue to identify WordPress Content Management System (CMS) plug-in vulnerabilities, which could allow malicious actors to take control of an affected system. Some of these vulnerabilities were exploited in the recent Web site defacements noted above. Software patches are available for identified vulnerabilities.

Successful exploitation of the vulnerabilities could result in an attacker gaining unauthorized access, bypassing security restrictions, injecting scripts, and stealing cookies from computer systems or network servers. An attacker could install malicious software; manipulate data; or create new accounts with full user privileges for future Web site exploitation.
We encourage all users who have WordPress installations on their websites to ensure they are running the latest version of the software as well as any plugins which are installed.

See the FBI Warning at the IC3 Website: https://www.ic3.gov/media/2015/150407-1.aspx

Wednesday, April 8, 2015

« Back