WordPress Plugin Vulnerability Abused in Zero-Day Exploit
A vulnerability within the WPGateway premium WordPress plugin has been exploited by threat actors, as found and reported by security analysts from WordFence.
WPGateway Plugin Vulnerability Has Been Exploited
On September 13th, 2022, WordFence’s Threat Intelligence teamreported in a blog postthat a security vulnerability within the WPGateway premium plugin was exploited in the wild by malicious parties.
WPGateway can be used on WordPress sites to install and backup sites, as well as manage and clone themes and plugins. It allows website administrators to carry out actions more easily.
The vulnerability, known as CVE-2022-3180, has led to the attack of over 280,000 websites that use the WPGateway plugin. This can be done by adding a rogue, malicious administrator to a given site, which usually goes by the name “rangex”. By doing this, the attacker can take over the targeted site and do with it what they wish.
WordFence Claims Millions of Attacks Have Been Blocked
In the aforementioned blog post, WordFence stated that over 4.6 million attacks exploiting the CVE-2022-3180 vulnerability had already been blocked. However, many sites have still been successfully hacked via thiszero-day exploit.
At the time of writing, WordFence is remaining tight-lipped about the issue, having only released limited information about the attacks. It is not known whether information relating to the technical side of the exploit will be released in the near future.
WPGateway Is Not the First WordPress Plugin to Be Exploited
Plugin vulnerabilitiesare nothing new for WordPress. Just days before WordFence announced the WPGateway exploit, another WordPress plugin, known as BackupBuddy, was also exploited via a zero-day flaw. The biggest concern within this security threat was the theft of sensitive data from affected websites.
WordFence was also able to block millions of attacks stemming from this zero-day vulnerability, though some sites were still successfully targeted.
WordPress Security Threats Are a Long-Standing Issue
There are a number of ways through which a malicious actor could target and attack any given WordPress website. This is why it’s paramount that WordPress site administrators employ adequate security measures to steer clear of such risks.
If you find yourself using WordPress for work or a personal blog, here are five of the best Chrome extensions you can use to improve the experience.
You’re conveying the wrong meaning when you send these emojis.
Love fades, even for the best open-source darling.
So much time invested, and for what?
Don’t let aging hardware force you into buying expensive upgrades.
If an AI can roast you, it can also prep you for emergencies.
