security

Urgent warning as WordPress bug allows hackers to DELETE your entire site in massive security flaw… – The Sun


AN URGENT warning has been issued to WordPress users after a bug on the system reportedly allowed hackers to delete entire sites.

The security flaw was first noted by Wordfence who said it it affected the Hashthemes Demo Importer plugin.

Unless backed up, the bug could see the website unrecoverable, one expert has said

1

Unless backed up, the bug could see the website unrecoverable, one expert has saidCredit: Getty

Experts say it has since been fixed but the vulnerability has not been noted by developer, TechRadar reports.

Threat analyst Ram Gall said: “The most severe consequence of this was that a subscriber-level user could reset all of the content on a given site.”

Unless backed up, the bug could see the website unrecoverable, Gall said.

He added: “While most vulnerabilities can have destructive effects, it would be impossible to recover a site where this vulnerability was exploited unless it had been backed up.”

LEFT VULNERABLE

Security expert Jake Williams told Threat Post: “Not only do organizations need to know the content management systems they are running, but also the plugins that are running on those systems too.

“This is yet another example of supply chain security where the WordPress system was trustworthy, but the plugin (which the security team probably doesn’t even know was installed) left them vulnerable.”

A second plugin, OptinMonster, is reported to have been compromised and could lead to sensitive information being exploited.

The Sun has contacted WordPress for comment.

It comes as Whatspp users have been warned to upgrade their Andriod phones.

In less than a week’s time, the popular social messaging app will update its current smartphones that are compatible with its software.

After November 1, Android devices running version 4.0.4 won’t be able to run the Facebook-owned app.

We pay for your stories!

Do you have a story for The US Sun team?





READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.