Is WordPress vulnerable? Here is the problematic plugin!

0

How secure is WordPress, which is used as the content creation infrastructure of many sites around the world? Here are the details…

 

WordPress, which is used to enter content on any site, is known as the most popular of the existing content management systems. The system, an open source website creation tool written in PHP, emerged in 2003 as a branch of the project b2/cafelog. Currently, more than 60 million websites in the world use WordPress infrastructure.

Researchers recently identified a vulnerability in this system. They explained that this vulnerability leaves thousands of WordPress-infrastructure websites vulnerable to attacks that would allow them to be completely taken over. So what is being done against this vulnerability?

Vulnerability in WordPress system

A security firm called Wordfence shared a blog post on this topic. According to this post by the company, the errors are present in Brizy – Page Builder, a WordPress plugin installed on more than 90,000 sites.

The researchers observed the traffic of the Brizy – Page Builder plugin. Meanwhile, they encountered an unusual potential problem. Although the plugin is not under active attack, they have detected a number of interconnected bugs.

While investigating this unusual traffic, Wordfence came across two new vulnerabilities that were reintroduced in the plugin. He also explained that an earlier patched access control helped them discover this vulnerability.

This vulnerability increases the chances of websites being hacked and taken over by others. In addition, malicious JavaScript can be added to posts on the site. Published content can be edited, deleted or new ones can be added. This puts the cybersecurity of many WordPress users, especially large companies, at risk.

Brizy – Will Page Builder security be improved?

The issues were first spotted by Wordfence in early June. Researchers thoroughly investigated this vulnerability and made sure of the source of the problem. He then reported this to the seller in mid-August. About a week after that, the developers released a full patch.

System developers brought an update to these errors and urged users to update this plugin immediately. Users are recommended to update Brizy – Page Builder plugin to version 2.3.17. Although the update has come, there is a possibility that some versions may not have reached.

What do you guys think about this problem WordPress is facing? You can share it with us in the comments…

LEAVE A REPLY

Please enter your comment!
Please enter your name here