Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Multiple WordPress plugins are being hacked to attack websites across the world

Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS).

Thousands of WordPress websites are at risk of being completely taken over by hackers, after the updating process of multiple plugins was compromised to deploy malicious code. 

Security researchers from Wordfence, an organization that monitors the security of the world’s biggest website builder platform, warned that they so far discovered five plugins whose patching functionality had been poisoned. 

When users patch these WordPress plugins, they receive a piece of code that creates a new admin account, whose credentials are then sent to the attackers. Therefore, the threat actors (whose identity has not yet been discovered) gain full, unabated access to the website.

WordPress risks

The plugins are called Social Warfare, BLAZE Retail Widget, Wrapper Link Elementor, Contract Form 7 Multi-Step Addon, and Simply Show Hooks. Cumulatively, these five plugins have 36,000 installs, with Social Warfare being by far the most popular one (30,000 installs).

At press time, it was not yet determined how the attackers managed to compromise the patching process for these five plugins. Journalists at Ars Technica tried reaching out to the developers, but received no answer (some didn’t even list any contact information on the plugin websites making it impossible to communicate). 

Wordpress is generally considered a secure website building platform. But it has a rich store of third-party themes and plugins, many of which are not as protected, or maintained, as the underlying platform. As such, they are a great entry point for threat actors. 

Furthermore, the themes and plugins can be both free-to-use and commercial, and the former ones are often abandoned, or maintained by a single developer/hobbyist. Hence, WordPress administrators should be very careful when installing third-party additions to their websites, and make sure they install only those they are intending to use. Finally, they should keep them updated at all times and keep an eye out for news on vulnerabilities.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.