WordPress sites were attacked by the CVE-2022-3180 zero-day vulnerability, as well as the WordPress premium plugin WPGateway, which is reported to be in use on more than 280,000 sites. Researchers are urging users to remove the patch from their websites until the patch is released.
What’s going to happen on WordPress
WordPress security plugin makers WordFence disclosed a bug in WPGateway, a premium plugin that helps administrators manage other WordPress plugins and themes from a single dashboard. According to the researchers, the defect is tracked as CVE-2022-3180, and has a Carrier Severity Score of 9.8. Which means they have the ability to capture the entire website.
The WordPress security firm says the WPGateway plugin it received on September 9 is still vulnerable. Wordfence has reported the security bug to the WPGateway developer, but no patch has been released yet.” Since it is an enabled zero-day vulnerability, and the attacker is already aware of exploiting it , they know how it works and how to keep a hold of it.
Prevented over 4.6 million cyber attacks
According to the company, if an administrator account with the username ‘Rangex’ appears in the dashboard, it means that the WordPress site has been compromised. Site owners may also check the site’s access logs for specific requests that indicate they have been targeted. Wordfence says that, in the past 30 days, it has prevented more than 4.6 million attack attempts targeting the WPGateway plugin on more than 280,000 WordPress sites.