
Hackers exploit zero-day in WordPress plugin to create rogue admin accounts

February 19, 2020

Image: ZDNet, WordPress

Hackers are exploiting a zero-day vulnerability in a WordPress plugin made by ThemeREX, a company that sells commercial WordPress themes.

The attacks, detected by Wordfence, a company that provides a web application firewall (WAF) for WordPress sites, began yesterday, February 18.


They target ThemeREX Addons, a WordPress plugin that ships pre-installed with all ThemeREX commercial themes. The plugin’s role is to help buyers of ThemeREX products set up their new sites and control various theme features. Wordfence estimates the plugin is installed on more than 44,000 sites.

According to the WordPress security firm, the plugin works by setting up a WordPress REST API endpoint but does not check that commands sent to this endpoint come from authorized users (i.e., the site owner).

“This means that remote code can be executed by any visitor, even those that are not authenticated to the site,” said Chloe Chamberland, threat analyst at Wordfence.

“The most worrisome capability that we are seeing actively attacked is the ability to create a new administrative user, which can be used for complete site takeover,” she added.

“We urge users to temporarily remove the ThemeREX Addons plugin if you are running a version greater than 1.6.50 until a patch has been released,” Chamberland said.
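The missing check described above, shown as an added example that is not code from ThemeREX Addons or from the original article: a WordPress REST route registered without an authorization check (in the comment) beside a hardened registration. The `example-addons/v1` namespace, the `/settings` route, the `layout` parameter and the `example_addons_*` function names are hypothetical.

```php
<?php
// Added illustration. Namespace, route, parameter and function names are
// hypothetical and are not taken from the ThemeREX Addons plugin.

// Weak pattern, for comparison only: the permission callback always passes,
// so WordPress runs the route callback for any visitor, logged in or not.
//
//   register_rest_route( 'example-addons/v1', '/settings', array(
//       'methods'             => 'POST',
//       'callback'            => 'example_addons_update_settings',
//       'permission_callback' => '__return_true',
//   ) );

add_action( 'rest_api_init', function () {
    // Hardened: WordPress calls permission_callback before the route
    // callback and rejects the request when it returns false or a WP_Error.
    register_rest_route( 'example-addons/v1', '/settings', array(
        'methods'             => 'POST',
        'callback'            => 'example_addons_update_settings',
        'permission_callback' => 'example_addons_require_admin',
        'args'                => array(
            'layout' => array(
                'required'          => true,
                'sanitize_callback' => 'sanitize_key',
                // Accept only known values, never caller-chosen names.
                'validate_callback' => function ( $value ) {
                    return in_array( $value, array( 'grid', 'list' ), true );
                },
            ),
        ),
    ) );
} );

// Only users who can manage site options (administrators) may call the route.
function example_addons_require_admin( WP_REST_Request $request ) {
    if ( current_user_can( 'manage_options' ) ) {
        return true;
    }
    return new WP_Error(
        'rest_forbidden',
        'Administrator privileges are required.',
        array( 'status' => rest_authorization_required_code() ) // 401 or 403
    );
}

// Runs only after the permission and argument checks above have passed.
function example_addons_update_settings( WP_REST_Request $request ) {
    update_option( 'example_addons_layout', $request->get_param( 'layout' ) );
    return rest_ensure_response( array( 'updated' => true ) );
}
```

When auditing a plugin, look for `register_rest_route()` calls whose `permission_callback` is `__return_true` or absent on routes that change site state.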

A second attack on a WordPress plugin 1-day

But the attacks on sites running the ThemeREX Addons plugin were not the only ones spotted yesterday.

There was a second wave of attacks on WordPress sites. This second wave targeted sites running ThemeGrill Demo Importer, a plugin that ships with themes sold by ThemeGrill, another WordPress theme maker.

However, these attacks were destructive, rather than part of a cybercrime or botnet operation. According to WebARX and reports posted on Twitter, hackers used a bug in the ThemeGrill plugin to wipe databases and reset WordPress sites to their default states.

More than 200,000 WordPress sites are believed to run this ThemeGrill plugin. Further, in some rare circumstances, attackers could also take over vulnerable sites by hijacking their admin account.

These are so-called “1-day” attacks, a term used to describe attacks that take place immediately after a patch is provided for a vulnerability. ThemeGrill users can mitigate attacks by updating the vulnerable plugin.

On the other hand, the attacks on ThemeREX are so-called “zero-day” attacks, as they exploit a bug for which no patch is available. As Wordfence advised above, users should disable this plugin until a patch is available.


Credit: ZDNet
