Security researchers found that cybercriminals are using WordPress plugins for an ongoing attack campaign targeting numerous WordPress sites. The researchers are from the security firm WordFence. The attackers are exploiting vulnerabilities in the WordPress plugins to divert traffic from the victim’s site to malicious websites.
“Over the past few weeks, our Threat Intelligence team has been tracking an active attack campaign targeting a selection of new and old WordPress plugin vulnerabilities. These attacks seek to maliciously redirect traffic from victims’ sites to several potentially harmful locations. Each of the vulnerabilities targeted by this campaign has been public for some time, and users are protected either by individual firewall rules or generic protections built into the plugin,” the researchers said in an official statement.
According to the researchers, the flaws in the WordPress plugins allow an attacker to get Admin access by modifying WordPress options and also enables the attacker to inject malicious 301 redirects on the targeted website.
Researchers said that various other WordPress plugins are under exploitation in the ongoing campaign including, Yellow Pencil Visual Theme Customizer, Blog Designer, Woocommerce User Email Verification, Coming Soon, and Maintenance Mode.