Important Vulnerability on Advanced Custom Fields Plugin for WordPress

We are excited to announce that CloudLinux will be participating in the upcoming WordPress Agency Summit 2024, a premier event for web developers, designers, freelancers, and agencies focused on building fast, dynamic WordPress sites. This online summit, hosted by Crocoblock, will run from September 27th to 29th and feature a variety of presentations, workshops, and panel discussions.

We are thrilled to announce that CloudLinux will be participating in WordCamp US 2024, taking place from September 17–20 at the Oregon Convention Center in Portland, Oregon. This premier event brings together WordPress enthusiasts, developers, and industry leaders from around the globe, and we’re excited to be part of it!

Recently Imunify360 malware researchers received a couple of requests by the community to examine the “Quick Page/Post Redirect Plugin”. The plugin is widely used roughly in ~100k installations. This investigation will expose techniques used by plugins to inject ads passively into websites, in most of the cases the website’s owners do not even know or allow it. It will answer questions made by WordPress' broader community which didn’t have a chance to have proper feedback on forums.

Attention WordPress enthusiasts! The much-anticipated WordCamp Phoenix 2024 is just around the corner, and it’s shaping up to be an event you won’t want to miss. Scheduled for February 9-10 at Phoenix College in Arizona, this event promises to be a melting pot of ideas, innovations, and insights in the world of WordPress.

One of the easiest ways to attack a web site is to gain entry through a content management system, such as WordPress. To do this, hackers try to force a login to a site’s WordPress installation using frequently used passwords. These sorts of attacks are known as brute-force attacks. Additionally, read our website hosting security and WordPress Security article and learn how to keep your website secure.

The WordPress content management system or (CMS) is one of the most popular web applications on the market. It’s estimated that WordPress powers almost 43% of the internet, up from 30% just a few years ago. The foundation for the content management system’s success is its convenience, simple installation, and vast theme and plugin community. WordPress can be used by someone who has very little knowledge of the ways a web application functions, but it comes at the expense of security. The article covers the following topics:

The recent cyber attack found by Patchstack researcher Rafie Muhammad on the "Advanced Custom Fields" plugin for WordPress is a stark reminder of how vulnerable websites can be to hackers. In this case, over two million users were at risk of cyberattacks due to a vulnerability (a flaw, tracked as CVE-2023-30777) that allowed miscreants to inject malicious code into webpages and potentially hijack administrative accounts.

As a website owner, you understand the importance of keeping your site secure from the constantly growing cyber threats that lurk in the digital realm. While WordPress security plugins can offer some protection, they often fall short when compared to full-system security software. In this blog post, we'll delve into the limitations of WordPress security plugins and explain what you should look for in a security solution. 

The recent news about the security incident at GoDaddy is not limited to GoDaddy. The attack is multi-year and affects hundreds of thousands, or even millions, of accounts across multiple hosting providers. The criminals are deploying redirects and other malicious payloads. We at Imunify have observed and combated this widespread issue and have been addressing it through our Imunify360 security solution.

As part of Imunify360’s proactive malware research activities, we recently identified that a plugin named Adicionar Banco Inter ao WooCommerce from WordPress repository, which can be used to identify malware in web servers, indeed had active malware inside one of the plugin’s source files.