WordPress’ Social Share Plugin Exploited

May 6, 2019 10:01 am

Threat Level: 3

WordPress, the most popular open source Content Management System, is dealing with the aftermath of a hack that affected one of its most used plugins, Social Warfare. To give you an idea of how popular the Social Warfare plugin is, it has accumulated more than 900,000 downloads. These hacking campaigns are exploiting two critical security vulnerabilities affecting WordPress websites.

The first vulnerability is a Cross-Site Scripting (XSS) flaw found in Social Warfare installations (v3.5.1 and v3.5.2) that is being used to add malicious redirects. The other security vulnerability is a remote code execution (RCE) flaw. With the release of version 3.5.3 of the Social Warfare plugin, there is now a fix for both issues.

The misuse of the is_admin() function in WordPress was the root cause of both vulnerabilities: the function only reports whether the current request is for an admin-area page, so it does nothing to stop unauthorized visitors from reaching the affected code. Hackers had the ability to inject JavaScript code to redirect users to malicious sites. There are over 75 million WordPress websites, and many high-traffic sites in sectors such as education, finance, and news use the Social Warfare plugin. About 40,000 sites are currently using this plugin, and it was found that many of them are running a vulnerable version.
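To make the is_admin() point concrete, here is an added illustration (not Social Warfare's code, and not from the original article) of a settings-import handler written in the insecure pattern next to the same handler gated with the checks WordPress actually provides. Function names, the `sw_example_settings` option key, the `settings_url` parameter and the `sw_example_import` action are all hypothetical.

```php
<?php
// Added illustration, not the plugin's real code. Shows why is_admin() is the
// wrong guard for a privileged action and what to use instead.

// INSECURE (hypothetical): is_admin() only tells you whether the request targets
// a page under /wp-admin/. It says nothing about WHO is making the request, so an
// unauthenticated visitor hitting admin-ajax.php or admin-post.php passes this
// check. Untrusted remote content is then stored and later rendered, which is
// how injected JavaScript and redirects end up in a site's pages.
function sw_example_insecure_import() {
    if ( ! is_admin() ) {
        return;
    }
    if ( isset( $_GET['settings_url'] ) ) {
        $body = wp_remote_retrieve_body( wp_remote_get( $_GET['settings_url'] ) );
        update_option( 'sw_example_settings', $body ); // stored unvalidated
    }
}

// HARDENED: require an authenticated user with the right capability, a nonce
// proving the request came from the plugin's own settings screen, and validate
// and sanitize everything before it is persisted.
function sw_example_secure_import() {
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'sw_example_import' ); // dies on a missing or bad nonce

    $url = isset( $_POST['settings_url'] )
        ? esc_url_raw( wp_unslash( $_POST['settings_url'] ) )
        : '';
    if ( '' === $url || ! wp_http_validate_url( $url ) ) {
        wp_die( 'Invalid URL', '', array( 'response' => 400 ) );
    }

    $response = wp_remote_get( $url, array( 'timeout' => 5 ) );
    if ( is_wp_error( $response ) ) {
        wp_die( 'Fetch failed', '', array( 'response' => 502 ) );
    }

    $decoded = json_decode( wp_remote_retrieve_body( $response ), true );
    if ( ! is_array( $decoded ) ) {
        wp_die( 'Malformed settings', '', array( 'response' => 400 ) );
    }

    // Allow-list the keys you expect and sanitize each value; never store raw
    // markup, and escape again (esc_html/esc_attr) when the value is rendered.
    $clean = array(
        'share_text' => isset( $decoded['share_text'] )
            ? sanitize_text_field( $decoded['share_text'] )
            : '',
    );
    update_option( 'sw_example_settings', $clean );
}
// Only authenticated admin-post requests carrying a valid nonce reach the handler.
add_action( 'admin_post_sw_example_import', 'sw_example_secure_import' );
```

The defender's takeaway is that is_admin() is a routing helper, not an authorization check; any handler that changes site state needs current_user_can() plus a nonce, and any stored value needs sanitizing on the way in and escaping on the way out.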

Since many websites are still running an outdated version of the Social Warfare plugin, it is highly recommended to update to version 3.5.3 or newer as soon as possible. Otherwise, these hackers will continue to target WordPress users and jeopardize their privacy and security.
