The popular WP GDPR Compliance plugin has a serious vulnerability. Any version lower than 1.4.3 is vulnerable. Hackers are actively targeting this plugin, and sites are being hacked as of this writing. It is highly recommended to update now.
It’s been my anecdotal observation for the past several years that hacking-related events tend to increase in the months leading up to Christmas. Hacking-related bot activity seems to increase beginning in November. I believe the reason hack bots probing for vulnerabilities increase is that criminals are targeting holiday shoppers.
These hacking bots are not restricted to WordPress sites. There are hacking bots attacking every kind of CMS. If your CMS or server software is out of date, there is a strong possibility that your site has been compromised, regardless of the CMS.
According to my traffic logs, all kinds of software are being tested for vulnerabilities.
This vulnerability is as bad as they get. Sites are actively being targeted.
For example, a Facebook user shared the following screenshot of his hacked site. The screenshot shows that hackers were able to create two Administrator-level users on his website.
An administrative level user is able to do anything they want on a WordPress website. The Facebook user confirmed that this site used the WP GDPR Compliance plugin.
This victim related that the hacking appeared to be automated. The hackers had not yet installed backdoors or rogue pages.
He removed the rogue administrator accounts. Then he removed his old WordPress installation and installed a fresh version and updated the plugin. The site was soon back online free of the hacking effects.
It appears that the hackers may be employing bots whose role is limited to hacking WordPress sites through the WP GDPR vulnerability and then registering admin accounts. Only later do they set about creating rogue web pages. Nevertheless, it’s important to update this plugin as soon as possible.
According to the WPScan Vulnerability Database, the vulnerability allows a hacker to do whatever they want with the site. Here is what the Vulnerability Database relates:
“The plugin WP GDPR Compliance allows unauthenticated users to execute any action and to update any database value.”
Update your plugin to the fixed version, 1.4.3 (or higher if available). Any version less than 1.4.3 may be vulnerable.
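As an added example (not code from the article or from the plugin), here is a small Python triage script covering the two checks the article calls for: whether the installed plugin version is below 1.4.3, and whether administrator accounts exist that the site owner does not recognise. It assumes the WP-CLI commands `wp plugin get wp-gdpr-compliance --field=version` and `wp user list --role=administrator --fields=ID,user_login,user_email,user_registered --format=csv` as the source of its inputs; the plugin slug, the account names and the dates below are constructed, not taken from the page.

```python
import csv
import io
from datetime import datetime

FIXED_VERSION = "1.4.3"  # first fixed release named in the article

# Constructed sample of `wp user list --role=administrator --format=csv`
# output (assumed WP-CLI command); not from a real site.
SAMPLE_ADMINS = """ID,user_login,user_email,user_registered
1,owner,owner@example.com,2016-03-02 10:15:00
17,wpadmin2,wpadmin2@example.com,2018-11-08 03:41:12
18,sysadmin0,sysadmin0@example.com,2018-11-08 03:41:13
"""

def parse_version(v):
    """'1.4.2' -> (1, 4, 2); a non-numeric segment such as 'beta' sorts lowest."""
    parts = []
    for seg in v.strip().split("."):
        digits = "".join(ch for ch in seg if ch.isdigit())
        parts.append(int(digits) if digits else -1)
    return tuple(parts)

def is_vulnerable_version(installed, fixed=FIXED_VERSION):
    """Anything below the fixed release is treated as vulnerable."""
    return parse_version(installed) < parse_version(fixed)

def rogue_admins(user_csv, known_logins, since):
    """Administrators not on the operator's allowlist, plus allowlisted logins
    registered after `since` (YYYY-MM-DD): an attacker can reuse a familiar name."""
    cutoff = datetime.strptime(since, "%Y-%m-%d")
    flagged = []
    for row in csv.DictReader(io.StringIO(user_csv)):
        registered = datetime.strptime(row["user_registered"], "%Y-%m-%d %H:%M:%S")
        if row["user_login"] not in known_logins or registered > cutoff:
            flagged.append(row["user_login"])
    return flagged

def triage(installed_version, user_csv, known_logins, since):
    """Run both checks; an empty list means nothing to act on."""
    findings = []
    if is_vulnerable_version(installed_version):
        findings.append(f"plugin {installed_version} is below {FIXED_VERSION}: update now")
    for login in rogue_admins(user_csv, known_logins, since):
        findings.append(f"unexpected administrator account: {login}")
    return findings
```

Removing a flagged account is only the first step; as the victim above found, a clean reinstall and the plugin update are what actually close the hole.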
Read the announcement here:
Download the fixed plugin here
Images by Shutterstock, Modified by Author
Screenshots by Author, Modified by Author