This WordPress Plugin May Have Exposed Websites To Hacks

February 24, 2021

Written by wukovits

this wordpress plugin may have exposed websites to hacksIs your company’s website built around WordPress? It wouldn’t be much of a surprise if that were the case. 24As the most popular platform on the web, there are tens of millions of WordPress sites out there, both personal and business.

One of the things that makes WordPress so attractive is that it’s insanely easy to customize. That is because there are thousands of plugins offered by a wide range of third-party vendors and developers that can change the software or enhance its capabilities making it possible to do just about anything.

One of the more popular WordPress plugins is something called “Responsive Menu.” As the name suggests, its purpose is to give administrators create W3C compliant and mobile-ready site menus. The idea here is that depending on what type of device you’re browsing a website from, the menu needs to be different in order to display with the greatest efficiency and be responsive to the user’s clicks or taps. The Responsive Menu plugin helps make that happen.

Unfortunately, popular, genuinely useful plugins are often targets for hackers. In this case, security researchers on the Wordfence Threat Intelligence team found a trio of different vulnerabilities in plugin, with some evidence that hackers knew about and had been using them in the wild to gain control over systems running the Responsive Menus plugin.

All three flaws are rated as critical and all three ultimately allow a hacker to gain complete control over a site running the plugin.

The good news is that the company behind the plugin responded quickly and patched the plugin to address the security issues. Unfortunately, that only helps users who regularly update their plugins. Based on current estimates, there are still more than 50,000 websites running an older version of the plugin that leaves them vulnerable.

The version number you’re looking for to make sure you’re protected is version 4.0.4. If you’re running anything before that, upgrade as soon as possible.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Unlocking Small Business Success: The Impact of AI in a Digital Era

In the rapidly evolving business landscape, staying competitive necessitates embracing technological advancements. Artificial Intelligence (AI), once perceived as a luxury for larger enterprises, is now accessible to small businesses, offering new opportunities for...