Security Vulnerability Discovered in WordPress Plugins


The security firm Wordfence has made a troubling discovery: identical malicious code has been found in five different plugins for the popular content management system WordPress. This poses a serious threat to the security of numerous websites.

The discovered malicious code has far-reaching consequences. It allows attackers to steal database credentials and create unauthorized administrator accounts. Additionally, malicious JavaScript code can be injected into the footer of web pages to spread SEO spam.

Particularly concerning is the fact that only one of the affected plugins, “Social Warfare,” has a security update available. For the other infected plugins – “Blaze Widget,” “Wrapper Link Elementor,” “Contact Form 7 Multi-Step Addon,” and “Simply Show Hooks” – there are currently no clean versions available.

As an immediate measure, WordPress has suspended the download of the affected plugins. Website operators who have installed any of these plugins should consider their site compromised and promptly take security measures. These include reviewing and cleaning up administrator accounts and thoroughly examining the entire installation for further malicious code infections.
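One way to check an installation for the five plugins named above is sketched below. It is an added example, not code from Wordfence or the article's author. It assumes each plugin's "Plugin Name" header matches the name as printed in this article; the directory names, file names and version strings in the sample data are constructed.

```python
import re
import tempfile
from pathlib import Path

# Display names as listed in the article, lowercased for matching.
AFFECTED = {
    "social warfare", "blaze widget", "wrapper link elementor",
    "contact form 7 multi-step addon", "simply show hooks",
}

def header(text, field):
    """Read one WordPress plugin header field (e.g. 'Plugin Name')."""
    m = re.search(r"^[ \t/*#@]*%s:(.*)$" % re.escape(field), text, re.I | re.M)
    if not m:
        return None
    value = re.sub(r"\s*(\*/|\?>).*$", "", m.group(1))  # drop comment closers
    return " ".join(value.split())

def find_affected(plugins_dir):
    """Return sorted (file, name, version) tuples for affected plugins."""
    root = Path(plugins_dir)
    hits = []
    # Plugins are single PHP files or directories with a top-level PHP file.
    for php in list(root.glob("*.php")) + list(root.glob("*/*.php")):
        # WordPress only reads headers from the first 8 KB of the file.
        text = php.read_bytes()[:8192].decode("utf-8", "replace")
        name = header(text, "Plugin Name")
        if name and name.lower() in AFFECTED:
            version = header(text, "Version") or "unknown"
            hits.append((php.relative_to(root).as_posix(), name, version))
    return sorted(hits)

def demo():
    """Scan a constructed plugins directory (sample data, not real plugins)."""
    samples = {
        "social-warfare/main.php": "<?php\n/**\n * Plugin Name: Social Warfare\n * Version: 0.0.0\n */\n",
        "gallery/gallery.php": "<?php\n/*\nPlugin Name: Some Gallery\nVersion: 1.2\n*/\n",
        "hooks.php": "<?php\n// Plugin Name: Simply Show Hooks\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in samples.items():
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(body, encoding="utf-8")
        return find_affected(tmp)

if __name__ == "__main__":
    for hit in demo():
        print(hit)
```

Point `find_affected` at the site's `wp-content/plugins` directory; an empty result does not clear a site where one of these plugins was installed earlier and has since been removed.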

This discovery once again underscores the importance of regular security updates and vigilant monitoring of WordPress installations. Given the multitude of available plugins and the frequency of security vulnerabilities, it is essential for website operators to stay up to date with security developments.

This article is also available in German.

René Hifinger
René Hifinger is an IT security expert. His areas of focus include the analysis of security protocols, foundational research in encryption technologies, and malware combat. René Hifinger is the author of numerous technical articles and publications on these topics.
