Hacked WordPress plugins can cause your site to be compromised because the attackers can inject malicious links that will redirect your website visitors. With a hacked WordPress plugin, hackers can do malicious activities such as stealing your login passwords, running harmful links or ads, and defacing your WordPress site. A hacked WordPress site can have disastrous results on your online business such as loss of website visitors, customers, and revenue.
Recently Hacked WordPress Plugins
Here’s a list of some of the recently attacked and exploited popular WordPress plugins over the past months. If you have not been maintaining your WordPress websites and you are using these plugins, you need to quickly update them to the latest versions in order to fix the vulnerability and avoid devastating consequences.
Elementor Pro and Ultimate Addons for Elementor
Elementor Pro a very popular plugin installed on over a million of WordPress sites. Last May, it was attacked and exploited by hackers in conjunction with Ultimate Elementor Addon, a plugin which is installed on approximately over one hundred thousands WordPress sites.
The ‘custom icon’ upload functionality in Elementor Pro was vulnerable and exploited by hackers. Attackers discovered a workaround to bypass restrictions on the uploaded file types, and were able to upload PHP files which served as web shell and backdoor.
The vulnerability in the Ultimate Elementor Addon on the other hand allowed the Elementor Pro vulnerability to be exploited, even if the WordPress site does not have user registration option enabled. Users of both plugins are recommended to update to the latest patched versions immediately.
Site Kit by Google
Site Kit by Google, is Google’s official WordPress plugin which is installed on over 300,000 sites. Last April, a vulnerability was discovered that allowed any authenticated user to hijack and become a Google Search Console owner for any site using the plugin. This is a highly critical security issue that may result to attackers getting owner access to your websites added in Google Search Console.
Owner access allows a hacker to modify your sites inside Google Search Console that may lead to your indexed post and pages being removed from Google search result pages. The attacker may also use your site for black hat Search Engine Optimization (SEO) purposes. It is recommended that you update to the latest version of this plugin immediately.
Page Builder by SiteOrigin
Page Builder by SiteOrigin, is a popular page creation WordPress plugin actively installed on over 1,000,000 WordPress sites. Last May, the Wordfence Team discovered vulnerability that allowed the attacker to make requests on behalf of a site admin and execute malicious code in the admin’s browser.
The security issue could lead attackers to inject malicious JavaScript redirects and steal admin login credentials to take over the site. The plugin has been patched by the developers. If you are using a version of the plugin below 2.10.16 you should update to the latest version quickly.
Popup Builder – Responsive WordPress Pop up
Popup Builder – Responsive WordPress Pop is a plugin use to create and manage promotional popups for a WordPress site. It is currently installed on over 100,000 WordPress sites or blogs. Last March, vulnerabilities were discovered that allowed an attacker to inject malicious JavaScript into a created popup which is executed whenever a popup is loaded in a WordPress page.
The flaws also allowed logged-in users even with just a subscriber role, to export database of newsletter subscribers containing sensitive information. It is recommend that users of Popup Builder versions 3.63 and below should update the plugin now.
Final Thoughts
WordPress plugins are constantly being attacked and most developers usually act fast to patch and fix the vulnerabilities. Consequently, WordPress site owners are responsible in updating the plugins they use on a consistent basis.
Therefore, to prevent malware attacks, site owners must make sure that they always update plugins whenever there are new versions. Updating WordPress plugins regularly will help ensure that hackers are prevented from exploiting your site due to outdated plugins.
Make sure to check out the WordFence Blog often to keep updated on the latest hacked WordPress plugins. Who knows, the latest hacked plugin may be the one your WordPress site is using right now.