Sunday, September 25, 2022
HomeDigit NewsShocking Cyber ​​Attack! 280000+ WordPress sites hacked by hackers

Shocking Cyber ​​Attack! 280000+ WordPress sites hacked by hackers


WordPress sites were attacked by the CVE-2022-3180 zero-day vulnerability, as well as the WordPress premium plugin WPGateway, which is reported to be in use on more than 280,000 sites. Researchers are urging users to remove the patch from their websites until the patch is released.

What’s going to happen on WordPress

WordPress security plugin makers WordFence disclosed a bug in WPGateway, a premium plugin that helps administrators manage other WordPress plugins and themes from a single dashboard. According to the researchers, the defect is tracked as CVE-2022-3180, and has a Carrier Severity Score of 9.8. Which means they have the ability to capture the entire website.

Solving out

The WordPress security firm says the WPGateway plugin it received on September 9 is still vulnerable. Wordfence has reported the security bug to the WPGateway developer, but no patch has been released yet.” Since it is an enabled zero-day vulnerability, and the attacker is already aware of exploiting it , they know how it works and how to keep a hold of it.

 Cyber ​​Attack! 280000+ WordPress sites hacked by hackers


Prevented over 4.6 million cyber attacks

According to the company, if an administrator account with the username ‘Rangex’ appears in the dashboard, it means that the WordPress site has been compromised. Site owners may also check the site’s access logs for specific requests that indicate they have been targeted. Wordfence says that, in the past 30 days, it has prevented more than 4.6 million attack attempts targeting the WPGateway plugin on more than 280,000 WordPress sites.

- Advertisement -


Two Wheeler


Digit News