Copyright ©MMXXIV Patrick's Place LLC. All rights reserved.


5 Compromised Plugins Identified on WordPress


WordPress users need to check their sites immediately: five compromised plugins have been found in the plugin repository.

If you run a website powered by WordPress, please check your plugins immediately. Multiple sources are reporting that WordPress has identified compromised plugins in its repository. “Bad actors” injected malicious code into the plugins.

The code is able to create a new admin account, Help Net Security reports. That effectively gives the attackers complete control over WordPress installations.

If hackers are able to create a new administrative account, they can change, delete, replace or add new content. They can misdirect users to websites that contain viruses and malware. They can even go after sensitive user information if the websites they take over sell products or collect such data. (Most blogs don’t collect sensitive data, of course. But WordPress powers many websites that aren’t blogs, some of which sell merchandise.)

At the very least, these compromised plugins can create a problem for site visitors.

That’s why website owners need to check their sites right away to make sure they aren’t using any of the plugins listed.

5 plugins suspended on WordPress repository

The website eSecurity Planet listed the five plugins identified as compromised:

That site points out that all five plugins carry a message in the WordPress Repository: “This plugin has been closed as of June 24, 2024 and is not available for download. This closure is temporary, pending a full review.”

However, as of Sunday night, two of the plugins’ pages carry an updated message. The pages for “Blaze Widget” and “Contact Form 7 Multi-Step Addon” now state this:

“This plugin has been closed as of June 24, 2024 and is not available for download. This closure is permanent.”

That definitely sounds more serious.

Fortunately, I don’t use any of the five plugins on this site. I feel relieved to know I didn’t choose problematic plugins. But then, that’s the scary part. I didn’t choose problematic plugins based on this list. You never know when someone will find more malware in other plugins.

All a website owner can do is watch their sites for suspicious activity and watch for updates about plugins that may be vulnerable.

If you are running any of these compromised plugins, deactivate them immediately! Then check your site to make sure there’s nothing suspicious!
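Because the injected code creates a new admin account, one concrete check is to audit the administrator list. The script below is an added example, not from the original post or the sources it cites: it reads a WP-CLI CSV export of administrators and flags accounts that are not on your own list of known admins or that were created inside a review window you choose. The sample export, the known-admin list and the review date are constructed assumptions.

```python
import csv
import io
from datetime import datetime

# Constructed sample, in the shape produced by the WP-CLI command:
#   wp user list --role=administrator \
#       --fields=user_login,user_email,user_registered --format=csv
SAMPLE_EXPORT = """user_login,user_email,user_registered
patrick,owner@example.com,2012-03-04 09:15:00
second_admin,helper@example.com,2019-11-20 14:02:31
svc_backup_x1,noreply@example.net,2024-06-22 03:41:07
Patrick2,owner@example.com,not-a-date
"""

# Assumptions for this example: the admins you created yourself, and the
# start of the period you want to review.
KNOWN_ADMINS = {"patrick", "second_admin"}
REVIEW_SINCE = datetime(2024, 6, 1)


def audit_admins(csv_text, known_admins, review_since):
    """Return [(login, [reasons])] for administrator accounts worth a look."""
    known = {name.lower() for name in known_admins}
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        login = (row.get("user_login") or "").strip()
        reasons = []
        if login.lower() not in known:
            reasons.append("not on the known-admin list")
        try:
            created = datetime.strptime(
                (row.get("user_registered") or "").strip(), "%Y-%m-%d %H:%M:%S")
            if created >= review_since:
                reasons.append(f"created {created:%Y-%m-%d}, inside review window")
        except ValueError:
            # A blank or malformed date is itself worth a manual look.
            reasons.append("registration date missing or unparseable")
        if reasons:
            findings.append((login, reasons))
    return findings


if __name__ == "__main__":
    for login, reasons in audit_admins(SAMPLE_EXPORT, KNOWN_ADMINS, REVIEW_SINCE):
        print(f"REVIEW {login}: " + "; ".join(reasons))
```

A flagged account is a prompt to investigate rather than proof of compromise, and an empty result does not prove the site is clean.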

Hopefully this is the extent of this particular attack. But there’s always the threat of the next one!

The author: Patrick
Patrick is a Christian with more than 30 years of experience in professional writing, producing and marketing. His professional background also includes social media, reporting for broadcast television and the web, directing, videography and photography. He enjoys getting to know people over coffee and spending time with his dog.