WordPress Bug Allows Hackers to Alter Website Content
Attention all clients that have WordPress!!!
Yes, that’s you. And that is why you are getting this MAJOR ALERT. The WebWorx, Inc. site was hacked last week, the very next day after updating to 4.7.1. WordPress then sent out a new update, which is 4.7.2.
We were unaware of it until a client emailed yesterday that they saw a couple of “nasty blog posts” on my site. I then did some research and contacted my hosting company, who sent this link to me. It is imperative that your website AND all plugins be updated asap – and we mean NOW!
Please contact us as soon as you can regarding updating your site. There is a fee to update your files and then we can discuss a maintenance plan so that all your plugins and WordPress versions are kept up to date. OR, if you want to contact your hosting company to see if you have this service as a part of your hosting package, please do, and please contact them TODAY. However, depending on how old your site is, there is a possibility of it breaking. If that happens, we will
Your site is at risk of being hacked – and if it does, it will take hours to fix (at an additional charge), if it can be fixed.
Read about the issue below. It happened to me. It can happen to you.
A WordPress bug in the REST API endpoint allowed more than 67,000 websites to be hacked over the past two weeks, but the company has since rolled out a new version of the content management software with a patch to fix the problem, according to bleepingcomputer.com. The bug enabled hackers to infiltrate back-end systems and change or inject words within content.
Although web security firm Sucuri informed WordPress back on Jan. 20 about the vulnerability affecting sites running versions 4.7 and 4.7.1, the two companies decided to wait until last week to publicly announce the bug, so that a fix could first be rolled out in WordPress 4.7.2, said Sucuri security researcher Marc-Alexandre Montpas in a blog post. If your website is one of the 27 percent of all sites that use WordPress–Data Center Knowledge being one–Sucuri highly recommends that you update to 4.7.2 as soon as possible.
We have here, but not before a few headlines on Data Center Knowledge were altered to read “Hacked by (insert group name here)”. Sucuri also warned that version 4.7.2 may not automatically update even if that feature is turned on in WordPress.
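Because the 4.7.2 update may not arrive automatically, the one check every site owner should make is to read the installed version and compare it against the affected range the article names (4.7 and 4.7.1, fixed in 4.7.2). The following is an added example, not code from the article, WebWorx or Sucuri; it assumes you can read the text of `wp-includes/version.php`, and the sample file content below is constructed.

```python
import re

# Range stated on the page: 4.7 and 4.7.1 are affected; 4.7.2 carries the fix.
FIRST_AFFECTED = (4, 7, 0)
FIXED_VERSION = (4, 7, 2)


def parse_version(version_str):
    """Turn '4.7' or '4.7.1' into a three-part tuple for ordered comparison.

    Any pre-release suffix (e.g. '-RC1') is dropped; only the numeric part is compared.
    """
    m = re.match(r"(\d+(?:\.\d+)*)", version_str.strip())
    if not m:
        raise ValueError("unrecognised version string: %r" % version_str)
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def version_from_php(php_source):
    """Extract the $wp_version assignment from the text of wp-includes/version.php."""
    m = re.search(r"\$wp_version\s*=\s*'([^']+)'", php_source)
    if not m:
        raise ValueError("no $wp_version assignment found")
    return m.group(1)


def is_affected(version_str):
    """True when the version falls in the range the article reports as vulnerable."""
    return FIRST_AFFECTED <= parse_version(version_str) < FIXED_VERSION


def check_install(php_source):
    """Return (version string, affected flag) for one version.php's content."""
    version = version_from_php(php_source)
    return version, is_affected(version)


# Constructed sample of the relevant lines from wp-includes/version.php
SAMPLE_VERSION_PHP = """<?php
/**
 * The WordPress version string
 */
$wp_version = '4.7.1';
"""

if __name__ == "__main__":
    version, affected = check_install(SAMPLE_VERSION_PHP)
    print("WordPress %s: %s" % (version, "UPDATE REQUIRED" if affected else "not in affected range"))
```

Run it against the real file on each host you manage; a site that reports an affected version has not received the update even if auto-updates are switched on.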
“Due to this type-juggling issue, it is then possible for an attacker to change the content of any post or page on a victim’s site,” Montpas wrote. “From there, they can add plugin-specific short codes to exploit vulnerabilities (that would otherwise be restricted to contributor roles), infect the site content with an SEO spam campaign, or inject ads, etc.”
Although thousands of sites were compromised, and until recently the defacements continued at a pace of 3,000 a day, according to bleepingcomputer.com, the damage would have been even more widespread had the public been notified of the bug right away.
These types of defacements are used to boost the SEO ranking of other sites or to promote shady products. Websites that suffer SEO-targeted defacements also see their SERP (Search Engine Results Page) position affected and risk losing their reputation with search engines, which in turn drives down traffic to their site.
Website owners are advised to update to WordPress 4.7.2 as soon as possible in order to avoid losing visibility on Google due to this REST API security issue.