1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs

It’s been recently reported that over one million WordPress sites have been hacked due to two zero-day vulnerabilities in a popular plug-in. The security flaws were found in the File Manager plug-in, which is used by more than 700,000 websites worldwide.
The vulnerability was discovered by Wordfence Security, who immediately notified the developers of the plugin and released an emergency patch for users to apply as soon as possible. According to their report, hackers had already begun exploiting these bugs before they were patched.
WordPress has since issued a statement urging all users of this plug-in to update it immediately or risk being vulnerable to attack from malicious actors. They also recommend that any user who believes their site may have been compromised should contact their hosting provider and take steps to secure their website against further attacks.
In addition, WordPress recommends that all users regularly check for updates on plugins and themes they are using on their sites and install them when available. This will help ensure your site remains safe from potential threats like this one in the future.
Overall, it’s important for anyone running a WordPress site – especially those with high traffic – to stay vigilant about security issues like this one so they can protect themselves from cyberattacks now and into the future. By taking proactive measures such as updating plugins regularly and monitoring your website for suspicious activity you can keep yourself safe online while still enjoying all of the benefits of using WordPress!
|1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs|Security|Dark Reading

Original source article rewritten by our AI: Dark Reading