Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: ITWiser Webmaster
WordPress plugins being hijacked!
It has been reported that plugin geniuses WordFence have discovered 3 critical security holes in WordPress extensions. These critical security holes are actively being used by hackers and the result is the hackers can take over your website.
The WordFence team were looking into a number of hacking attacks that looked rather odd, they back traced the intrusions to a PHP object injection vulnerability. The programming issue was present in 3 plugins that were used in the popular platform WordPress. It has been reported that patches to close these holes have now been prepared.
The affected plugins are as follows:
- Appointments by WPMU Dev – flaws patched in version 2.2.2
- Flickr Gallery by Dan Coulter – flaws patched in version 1.5.3
- RegistrationMagic-Custom Registration Forms by CMSHelpLive – flaws patched in version 22.214.171.124
It has been advised that if you use any of these plugins you need to get these updated to the patched versions.
ITWiser offer a wide range of services and solutions that can help prevent issues like this from affecting you and your business. We offer internal security audits and external security audits, these audits are designed to highlight issues inside and outside your network. For more information on these or on any of our services please get in touch today.