
posted by janrinok on Friday February 21 2020, @09:40PM
from the do-people-still-use-WordPress? dept.

Hackers exploit critical vulnerability found in ~100,000 WordPress sites:

Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites.

The flaw is in the ThemeGrill Demo Importer installed on some 100,000 sites, and it was disclosed over the weekend by website security company WebARX. By Tuesday, WebARX reported that the flaw was under active exploit with almost 17,000 attacks blocked so far. Hanno Böck, a journalist who works for Golem.de, also spotted active attacks and reported them on Twitter.

"There's currently a severe vuln in a wordpress plugin called "themegrill demo importer" that resets the whole database," Böck wrote. "https://webarxsecurity.com/critical-issue-in-themegrill-demo-importer/ It seems attacks are starting: Some of the affected webpages show a wordpress 'hello world'-post. /cc If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)"

[...] The bug stems from a failure to authenticate users before allowing them to carry out privileged administrative commands. Hackers can abuse this failure by sending Web requests that contain specially crafted text strings.

"This is a serious vulnerability and can cause a significant amount of damage," WebARX researchers wrote in this weekend's disclosure. "Since it requires no suspicious-looking payload just like our previous finding in InfiniteWP, it is not expected for any firewall to block this by default, and a special rule needs to be created to block this vulnerability."

Specifically, the vulnerability allows attackers to delete all tables and populate the database with default settings and data. Accounts named "admin," assuming any exist, are set to their previously known password. In the event accounts named admin exist, the attacker will find themselves logged in with administrative rights.
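To make the class of bug concrete, here is an added illustration (not the ThemeGrill plugin's code, and not from the article) of a hypothetical WordPress plugin that exposes a privileged reset through an admin_init hook with no authorization check, next to the hardened form a reviewer would expect. The query parameter name demo_reset and the helper demo_importer_reset_database() are assumed for the example.

```php
<?php
// Hypothetical plugin code, added as an illustration. The parameter name
// 'demo_reset' and the helper demo_importer_reset_database() are assumed;
// the reset helper is whatever drops and re-creates the site's tables.

// --- Vulnerable pattern -----------------------------------------------------
// 'admin_init' fires on every request under wp-admin/, including
// admin-ajax.php, whether or not the visitor is logged in. is_admin() only
// tests the URL, not the caller's identity, so a bare GET ?demo_reset=1 from
// anyone on the internet would reach the wipe. This is the "no authentication
// at all" failure the article describes.
function demo_importer_vulnerable_init() {
    if ( isset( $_GET['demo_reset'] ) ) {
        demo_importer_reset_database();
    }
}
// add_action( 'admin_init', 'demo_importer_vulnerable_init' ); // do not hook this

// --- Hardened pattern -------------------------------------------------------
// Three independent gates before anything destructive runs:
//  1. the caller must be an authenticated user,
//  2. that user must hold the capability the action needs (manage_options),
//  3. the request must carry a nonce bound to this action, so a logged-in
//     administrator cannot be tricked into triggering it cross-site.
function demo_importer_hardened_init() {
    if ( ! isset( $_GET['demo_reset'] ) ) {
        return;
    }
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // The reset button is rendered with wp_nonce_url( $url, 'demo_importer_reset' );
    // check_admin_referer() terminates the request when the nonce is missing or stale.
    check_admin_referer( 'demo_importer_reset' );
    demo_importer_reset_database();
}
add_action( 'admin_init', 'demo_importer_hardened_init' );
```

The capability check (gate 2) is the one whose absence makes the flaw exploitable by unauthenticated visitors; the nonce (gate 3) closes the remaining cross-site request forgery path against legitimate administrators.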


Related Stories

How WordPress Changed the Internet - 17 Facts about WordPress

WordPress, the most common content management system (CMS) on the Web, has about 60% market share. It is even found on nearly a third of all web sites, not just those running a CMS. Given this enormous presence, WordPress has changed the Web quite a bit through its existence. Here are seventeen trivia about WordPress.

If one person were to work on WordPress by themselves, it would take [them] 151 years of work to complete the project. Of course, there were many more people helping to build WordPress, but it's fun to think about how much went into the development of this software so many people use today. And to think they did it for free!

[...] It's hard to find a piece of software that is more influential than WordPress. It's used by millions of people all around the world, and because it's so good, and also because it's free, it will likely continue to be the CMS of choice for years to come. But no matter what happens, we can always be grateful for WordPress for making it easier for us to build websites, connect with one another, and turn the internet into what it was always meant to be: a safe space for free speech and uncensored self-expression.

Previously:
(2020-02-21) Hackers Exploit Critical Vulnerability Found in ~100,000 WordPress Sites
(2018-12-07) WordPress 5.0 Release Brings Brand New Editor for Easier Page Design
(2018-03-05) About a Third of All Web Sites Run on WordPress
(2015-12-28) Web Design Tools for Moderate Users

  • (Score: 2) by Snotnose on Friday February 21 2020, @09:50PM (5 children)

    by Snotnose (1623) on Friday February 21 2020, @09:50PM (#960848)

    The bug stems from a failure to authenticate users before allowing them to carry out privileged administrative commands.

    What kind of idiot would do that? Note this isn't saying the bug works around authentication, it's saying there is none.

    dafuq indeed.

    --
    When the dust settled America realized it was saved by a porn star.
    • (Score: 2) by Booga1 on Friday February 21 2020, @10:06PM (2 children)

      by Booga1 (6333) on Friday February 21 2020, @10:06PM (#960852)

      WordPress plugin programmers, is there anything they can't screw up?

      Seriously, every time I hear about WordPress and security vulnerabilities it's almost always some crappy plugin that's to blame.

      Not that WordPress is blameless. Their security record is rife with vulnerabilities. Yet the plugins are just astronomically worse.

      • (Score: 2) by Common Joe on Saturday February 22 2020, @04:53PM (1 child)

        by Common Joe (33) <common.joe.0101NO@SPAMgmail.com> on Saturday February 22 2020, @04:53PM (#961062) Journal

        Plugins are a thing with so many applications these days. It makes one wonder, how do most applications ensure their plugins are secure? Or is that possible? It's been interesting to watch Chrome and Firefox dance with their plugin history.

        • (Score: 1, Informative) by Anonymous Coward on Sunday February 23 2020, @07:40PM

          by Anonymous Coward on Sunday February 23 2020, @07:40PM (#961521)

          If you offer a way to load third-party executable code there is no way to make that secure, ever. At the point the plugin is allowed to execute it's already on the other side of the hatch. Users need to be made aware of that, that's about all you can really do (anything else is snake oil).

    • (Score: -1, Troll) by Anonymous Coward on Friday February 21 2020, @10:46PM

      by Anonymous Coward on Friday February 21 2020, @10:46PM (#960858)

      Is it a coincidence that WordPress was developed by Khazar Jews? It's not a bug if it improves access for Mossad.

    • (Score: 2) by barbara hudson on Friday February 21 2020, @10:55PM

      by barbara hudson (6443) <barbara.Jane.hudson@icloud.com> on Friday February 21 2020, @10:55PM (#960863) Journal
      It's Wordpress. Nothing of value was lost. Seriously, may the hackers live long and prosper.
      --
      SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.