WordPress Malware Alert

2021 WordPress Hacks

Keep All Sites Current to Avoid Shared Hosting Hack.

2021 WordPress Plugin Attacks

Zero-day vulnerability

Yes a harker can take over your site if you are using Fancy Product Designer plugin. WordFence were the first to report that hackes could take over a site using Frany Product Designer plugin.

As a developer and designer – I don’t know why anyone would use the Fancy Product Designer plugin. WooCommence is a top heavy resource sucker – no matter you cache it. WooCommence does require an arsenal of companion plugins (shipping rates, shipping labels, custom orders, coupons, colors, abandoned cart – seriously the list goes on).

Why you would want to add another one-function plugin to a WooCommence enviroment really puts the developer at question (quailty is a choice – you may wanna fire that developer).

Two critical severity flaws in Facebook for WordPress (formerly Facebook Pixel). The first flaw allowed hackers to achieve remote code execution.

The second flaw simply had to trick the admin user to click a link and the hackers could inject malicious code into the site.

The full scale of attack remains undetermined. By injecting Scripts hackers can skim credit card info. And, redirect users to fake sites.

Users were redirected to fake sites. And, prompted to confirm they were not a robot. As of March 2021, the malicious file is undetected by 90% of antivirus engines.

Compromise the admin accounts. Then using the site to install malicious plugin wpstaff.

4/17/21 – 15 Elementer plugins with over 100 vulnerable endpoints. Allows for “cross-site scripting or malicious JavaScript“. 

Inject malicious code into vulnerable website. And take over the website. 

Attackers send out newsletter with their own custom content. Followed by deleting your entire contact list. Let Mailchimp handle your newsletter services. 

Sucuri reported the 123ContactForms hack. Attackers are able to use software flaws to create their own posts. And, easily add malicious files to the website.

Stored cross-site scripting (xss) security bug. 

2020 WordPress Plugin Attacks

Hackers were able to identify admin users. Followed by a password reset. Locking the admin user out. And, giving the hacker full control to all site functions and user accounts.

WordPress developers categorized the security issues affecting the plugin and one-of-the-worst.

WordPress developers pushed an automatic update to all users (even those that had the plugin disabled).

The forced update was the first indicator that WordPress has the ability to automatically update everyone’s plugins – even when they are not active.

Over 530,000 sites are still exposed to attackers. Yes, NextGen Gallery got hit by another hacker. This time, using Remote Code Execution to effectively take over the WordPress site.

NextGEN Gallery acted quickly to provide a patch for the hack. A few days after the release only a small portion of the GalleryGen Gallery plugin had updated to the safe version of the plugin. Leaving more than 530,000 potentially exposed to takeover attacks.

In 2017, NextGen Gallery was attacked with a SQL injection.  Allowing hackers access to the website database. Including sensitive user information.

Threat Intelligence team reported a XSS flaw in Ninja Forms. The plugin flaw let attackers replace contact forms with a malicious form.

Learn More About WordPress

Read my most recent WordPress Blogs.

Read my blog to learn more about The Impact of Using WordPress Plugins

Article Updates

• 2/18/21 – Added second NextGEN Gallery WordPress plugin article link.
• 2/25/21 – Added second Ninja Forms WordPress Plugin hacked.
• 3/3/21 – Updated Ninja Forms Bug 3.
• 3/16/21 – Page Layout Redesign. More information at the bottom of page.
• 3/16/21 – Added new listing. Contact Form 7, Elementor, Popup Builder, and Orbit Fox.
• 4/8/21 – Added jQuery Migrate plugin.