Skip to content

New security flaw uncovered in WordPress

by on October 3, 2014

Researchers have revealed a potentially serious flaw in WordPress software, that allows hackers to search for abandoned or inactive WordPress sites before mounting phishing attacks aimed at enticing users to install infected updates.  Hackers can then quickly hijack the website and direct visitors to deliver malicious content.

WordPress is by far the most popular content management system. Having initially found success as a blogging platform, it is now hugely popular for business websites, operating as either a framework or a hosting service. However, the open-source nature of the system, as well as its popularity among web novices, does make it vulnerable when flaws are found. The report encountered several compromised WordPress websites.

WordPress offers a potentially easy entry point for hackers to introduce malware onto networks. Failing to maintain and update WordPress websites and plugins businesses are leaving themselves susceptible to attack. Businesses should be informing staff to only install updates and plugins from trusted sources and increasing awareness of this tactic. By properly educating staff and regularly updating WordPress businesses will be able to close off any potential weaknesses and reduce their susceptibility to attack.

From → pentura

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: