WordPress users are being asked to make sure that all their plug-ins are up-to-date after a researcher detected a 30-fold increase in attack traffic, mostly targeting cross-site scripting vulnerabilities.
The surge in this malicious traffic over the last month peaked on May 3, 2020, when over 20 million attacks were attempted against over 500,000 individual sites, according to Ram Gall from Wordfence.
The attacks seek to exploit a few cross-site scripting vulnerabilities in the Newspaper theme, the Easy2Map plug-in, and the Blog Designer plug-in. The campaign also targeted the WP GDPR Compliance plug-in and the Total Donations plug-in.
Gall warned that the attacker behind the campaign might pivot to other vulnerabilities in the future.
“The most important thing you can do in a situation like this is to keep your plug-ins up-to-date and to deactivate and delete any plug-ins that have been removed from the WordPress plug-in repository. The vast majority of these attacks are targeted at vulnerabilities that were patched months or years ago, and in plug-ins that don’t have a large number of users,” Gall advised.
“While we did not see any attacks that would be effective against the latest versions of any currently available plug-ins, running a web application firewall can also help protect your site against any vulnerabilities that might have not yet been patched,” he added.
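The remediation Gall describes (update what can be updated, and deactivate and delete anything that has been pulled from the WordPress plug-in repository) can be turned into a routine check. The script below is an added example, not code from Wordfence or the article: it reads the JSON that the real WP-CLI command `wp plugin list --format=json` prints, sorts each plug-in into an action, and emits the corresponding WP-CLI commands. The plug-in inventory and the repository lookup table are constructed sample data so the example runs offline; on a live site the lookup would instead query the WordPress.org plugin information API for each slug, which is left as a hypothetical `in_repo` callback here.

```python
import json
from typing import Callable, Dict, List

# Constructed sample of `wp plugin list --format=json` output (not real site data).
# "akismet" is a real repository plug-in; the other slugs are invented.
SAMPLE_WP_PLUGIN_LIST = json.dumps([
    {"name": "akismet",             "status": "active",   "update": "none",      "version": "4.1.5"},
    {"name": "legacy-contact-form", "status": "active",   "update": "available", "version": "1.2.4"},
    {"name": "abandoned-slider",    "status": "inactive", "update": "none",      "version": "0.9"},
    {"name": "old-gdpr-helper",     "status": "active",   "update": "none",      "version": "2.0.1"},
])

# Constructed stand-in for a WordPress.org repository lookup (hypothetical data).
# Any slug not in this set is treated as removed from the repository.
REPO_LISTED = {"akismet", "legacy-contact-form"}


def repo_has_plugin(slug: str) -> bool:
    """Hypothetical lookup; a real version would call the plugin info API."""
    return slug in REPO_LISTED


def triage_plugins(wp_list_json: str, in_repo: Callable[[str], bool]) -> Dict[str, List[str]]:
    """Sort installed plug-ins into update / delete / review / ok buckets.

    delete : no longer in the repository, so no further patches will ever ship;
             deactivate and remove regardless of whether it is active.
    update : still listed and WP-CLI reports an update is available.
    review : current and still listed, but inactive; inactive code is still
             reachable on disk and should be removed if not needed.
    ok     : active, current, and still maintained in the repository.
    """
    plan: Dict[str, List[str]] = {"update": [], "delete": [], "review": [], "ok": []}
    for plugin in json.loads(wp_list_json):
        slug = plugin["name"]
        if not in_repo(slug):
            plan["delete"].append(slug)
        elif plugin.get("update") == "available":
            plan["update"].append(slug)
        elif plugin.get("status") != "active":
            plan["review"].append(slug)
        else:
            plan["ok"].append(slug)
    for bucket in plan.values():
        bucket.sort()
    return plan


def wp_cli_commands(plan: Dict[str, List[str]]) -> List[str]:
    """Render the plan as real WP-CLI commands an administrator would run."""
    cmds = [f"wp plugin update {slug}" for slug in plan["update"]]
    for slug in plan["delete"]:
        # `wp plugin delete` removes files without deactivating, so deactivate first.
        cmds.append(f"wp plugin deactivate {slug}")
        cmds.append(f"wp plugin delete {slug}")
    return cmds


if __name__ == "__main__":
    plan = triage_plugins(SAMPLE_WP_PLUGIN_LIST, repo_has_plugin)
    for bucket, slugs in plan.items():
        print(f"{bucket:7s}: {', '.join(slugs) or '-'}")
    print("\n".join(wp_cli_commands(plan)))
```

On a real site, pipe the output of `wp plugin list --format=json` into `triage_plugins` and replace `repo_has_plugin` with a lookup against WordPress.org; `wp plugin update --all` covers the update bucket in one step, but the per-slug list is useful when a change window only allows some plug-ins to be touched.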