Select Page

Over 60 million websites powered by WordPress are under attack according to WordPress. There seems to be an ongoing “backdoor attack” that’s trying to compromise as many of these WordPress websites as possible. Here’s a quick list of what you need to know and if you’re in the danger zone.

What do WordPress website owners need to be aware of?

Wordfence Security posted a warning on their blog on 30th August stating that a malicious JavaScript discharged into compromised websites looks to “create a new user with administrator privileges on the victim’s site”. The team further stated that “If a logged-in administrator is identified as viewing the infected page, it then goes on to make an AJAX call via jQuery, one that creates a rogue administrator account”.

What is under attack?

A list of plugins that are under attack as been identified as follows:

What can you do?

If your website is powered by WordPress and using any of these plugins, the best course of action is to make sure that the plugins are updated. Click on the link above to verify the plugin update status, as most of these plugins have already been patched.

It is always recommended to make sure that you regularly maintain and update your WordPress website. Make sure that your WordPress software, themes and plugins are always up-to-date.

On a popular publishing platform such as WordPress, it’s no doubt that there will be ever emerging threats on a day to day with the sole purpose attempts to mislead your visitors and drive traffic away from your website.