Critical vulnerabilities in WordPress plugins – December 2021



To ensure that your WordPress website is secure and stays that way, you need to have a security plugin.

One reason is that they report regularly on critical vulnerabilities of plugins you might use.

There are a few available, although my preference goes to Wordfence.

Critical vulnerabilities in WordPress plugins – December 2021

The Wordfence Threat Intelligence team has so far found these vulnerabilities:

A vulnerability was discovered and patched in “RegistrationMagic – Custom Registration Forms, User Registration and User Login”, a plugin installed on over 10,000 sites.

This flaw made it possible for unauthenticated attackers to login as any user, including administrative users, on an affected site as long as a valid username or email address was known to the attacker and a login form created with the plugin existed on the site.

The vulnerability has been fully fixed as of version 5.0.1.8 released on November 25, 2021.

Wordfence strongly recommends ensuring that your site has been updated to the latest patched version of “RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin,” which is version 5.0.1.8.

Read full details

A vulnerability was found in “Variation Swatches for WooCommerce”, a WordPress plugin installed on over 80,000 sites that acts as an extension for WooCommerce.

This flaw made it possible for an attacker with low-level permissions, such as a subscriber or a customer, to inject malicious JavaScript that would execute when a site administrator accessed the settings area of the plugin.
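The flaw described above is the classic stored-XSS shape: a value written by a low-privileged user is later rendered, unescaped, inside an administrator's page. The following is an added illustration, not code from the plugin or from the Wordfence advisory; it uses plain PHP stand-ins (htmlspecialchars, a boolean capability flag, a boolean nonce flag) for the WordPress functions esc_attr(), current_user_can() and check_admin_referer(), so that it runs outside WordPress. The option name and the stored value are constructed.

```php
<?php
// Added example (not the plugin's or Wordfence's code): the unescaped
// settings-field pattern beside its hardened form, plus a save path that
// refuses writes from users who may not manage options.

// Constructed sample: a value a subscriber/customer could have stored in a
// plugin option if the save path did not check capabilities. A harmless
// marker is used in place of a real payload.
$stored_label = 'Red"><script>document.title="injected"</script><input value="';

// Vulnerable pattern: the stored value lands directly in an HTML attribute,
// so the quote in it closes the attribute and the script tag executes when
// an administrator opens the settings page.
function render_unsafe(string $label): string
{
    return '<input type="text" name="label" value="' . $label . '">';
}

// Hardened pattern: escape for the attribute context at output time.
// In WordPress the equivalent is esc_attr(); htmlspecialchars() is used
// here only so the script runs without WordPress loaded.
function render_safe(string $label): string
{
    $escaped = htmlspecialchars($label, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<input type="text" name="label" value="' . $escaped . '">';
}

// Analogue of sanitize_text_field(): strip tags and control characters
// before storing. Sanitising on input is defence in depth; escaping on
// output (above) is what actually prevents the XSS.
function sanitize_text(string $s): string
{
    return trim(preg_replace('/[\x00-\x1F\x7F]/', '', strip_tags($s)));
}

// Hardened save path. $user_can_manage_options stands in for
// current_user_can('manage_options') and $nonce_valid for the result of
// check_admin_referer(); both are hypothetical parameters.
function save_label(string $label, bool $user_can_manage_options, bool $nonce_valid, array &$options): bool
{
    if (!$user_can_manage_options || !$nonce_valid) {
        return false; // low-privileged or forged request: nothing is written
    }
    $options['label'] = sanitize_text($label);
    return true;
}

echo "Unsafe: " . render_unsafe($stored_label) . PHP_EOL;
echo "Safe:   " . render_safe($stored_label) . PHP_EOL;

$options = [];
var_dump(save_label($stored_label, false, true, $options)); // bool(false): subscriber rejected
var_dump(save_label($stored_label, true, true, $options));  // bool(true): administrator accepted
echo $options['label'] . PHP_EOL;                            // tags stripped on the way in
```

Running the script shows the unescaped output closing the attribute and emitting a live script tag, while the escaped output keeps the whole string inside the value. The capability check on the save path is the fix that matches the advisory's description (a subscriber or customer should not be able to write plugin settings at all); output escaping protects the administrator even if some other write path is missed.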

Wordfence strongly recommends ensuring that your site has been updated to the latest patched version of “Variation Swatches for WooCommerce”, which is version 2.1.2.

Read full details

AWS Attacks Targeting WordPress Increase 5X

The Wordfence Threat Intelligence team has been tracking a huge increase in malicious login attempts against WordPress sites in their network. Since November 17, 2021, the number of attacks targeting login pages has doubled.

"We’ve seen a global increase in attacks against WordPress sites during the past week, and more than a quarter of all the malicious login attempts we’re tracking are now originating from AWS EC2 instances" - Wordfence

All Wordfence users, including sites using Wordfence Free, receive best-in-class protection against malicious login attempts. Attacking IPs are automatically blocked from a site after a user-configurable number of unsuccessful login attempts.
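To show what "blocked after a user-configurable number of unsuccessful login attempts" amounts to in code, here is an added example that is not Wordfence's implementation: a small failure counter with a sliding window and a lockout period, run over constructed log lines. The log format, the class name and the thresholds are all hypothetical; the IP addresses are from the documentation ranges (203.0.113.0/24, 198.51.100.0/24).

```php
<?php
// Added example (not Wordfence code): block a source IP after N failed
// logins inside a time window, then reject its further attempts for a
// lockout period. Thresholds are hypothetical and would be site-configurable.

final class LoginLockout
{
    /** @var array<string, int[]> failure timestamps per IP */
    private array $failures = [];
    /** @var array<string, int> unix time until which an IP stays blocked */
    private array $lockedUntil = [];

    public function __construct(
        private int $maxFailures = 5,      // configurable failure threshold
        private int $windowSeconds = 300,  // failures older than this are forgotten
        private int $lockoutSeconds = 900  // how long a triggered block lasts
    ) {}

    public function isBlocked(string $ip, int $now): bool
    {
        return isset($this->lockedUntil[$ip]) && $now < $this->lockedUntil[$ip];
    }

    // Only failures are counted; a success does not reset the counter, so an
    // attacker cannot keep the count low by occasionally succeeding.
    public function record(string $ip, int $now, bool $success): void
    {
        if ($success) {
            return;
        }
        $this->prune($ip, $now);
        $this->failures[$ip][] = $now;
        if (count($this->failures[$ip]) >= $this->maxFailures) {
            $this->lockedUntil[$ip] = $now + $this->lockoutSeconds;
        }
    }

    private function prune(string $ip, int $now): void
    {
        $this->failures[$ip] = array_values(array_filter(
            $this->failures[$ip] ?? [],
            fn(int $t) => $now - $t <= $this->windowSeconds
        ));
    }
}

// Parse a constructed log line: "<ISO time> ip=<addr> user=<name> result=ok|fail".
function parse_line(string $line): ?array
{
    if (!preg_match('/^(\S+) ip=(\S+) user=(\S+) result=(ok|fail)$/', $line, $m)) {
        return null;
    }
    $ts = strtotime($m[1]);
    if ($ts === false) {
        return null;
    }
    return ['ts' => $ts, 'ip' => $m[2], 'user' => $m[3], 'ok' => $m[4] === 'ok'];
}

// Constructed sample log: one IP hammering the admin account, another
// mistyping once and then logging in normally.
$lines = [
    '2021-11-18T10:00:00Z ip=203.0.113.5 user=admin result=fail',
    '2021-11-18T10:00:10Z ip=203.0.113.5 user=admin result=fail',
    '2021-11-18T10:00:12Z ip=198.51.100.7 user=luc result=fail',
    '2021-11-18T10:00:20Z ip=203.0.113.5 user=admin result=fail',
    '2021-11-18T10:00:25Z ip=198.51.100.7 user=luc result=ok',
    '2021-11-18T10:00:30Z ip=203.0.113.5 user=admin result=fail',
    '2021-11-18T10:00:40Z ip=203.0.113.5 user=admin result=fail', // 5th failure: block
    '2021-11-18T10:00:50Z ip=203.0.113.5 user=admin result=fail', // rejected before auth
];

$lockout = new LoginLockout(maxFailures: 5, windowSeconds: 300, lockoutSeconds: 900);
foreach ($lines as $line) {
    $e = parse_line($line);
    if ($e === null) {
        continue;
    }
    if ($lockout->isBlocked($e['ip'], $e['ts'])) {
        echo "blocked: $line" . PHP_EOL;
        continue;
    }
    $lockout->record($e['ip'], $e['ts'], $e['ok']);
    echo "allowed: $line" . PHP_EOL;
}
```

Inside WordPress the counters would be persisted per IP (for example with set_transient()/get_transient()) rather than held in memory, and the source address must come from a trusted field, REMOTE_ADDR or a proxy header the site has explicitly configured, since a counter keyed on a client-supplied X-Forwarded-For value can be reset by the sender at will.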

Many site owners still reuse the same password in multiple locations, and data breaches, such as the recent GoDaddy breach, are frequently a source of compromised passwords. Attackers use these compromised passwords to attempt to log in to even more sites and services. Using this technique, attackers may guess your login correctly on the first try.

They also recommend that everyone use 2-factor authentication wherever possible, as it is an incredibly effective way of protecting your site even if an attacker has your password. The free version of Wordfence includes 2-factor authentication as a feature.

Read full details

All the best,

Luc

Thank you for your time. All you have to do now is click one of the buttons below to share with people you know or leave a comment. I thank you if you do.
