WordPress plugin with 10,000+ installations being exploited in the wild

Found on Ars Technica on Thursday, 02 June 2016

A growing number of WordPress websites have been infected by attackers exploiting a vulnerability that remains unpatched in a widely used plugin called WP Mobile Detector, security researchers warned.

The vulnerability can be exploited only when the PHP option allow_url_fopen is enabled.

WordPress again. Apart from trying to stop this via php.ini, every operating system worth using should have SELinux running, which, by default, blocks the webserver from making outbound network connections. If not, then setsebool -P httpd_can_network_connect off fixes that.
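
A way to check both layers mentioned above on a host, as an added example that is not from the article or from any project it describes. The function names are hypothetical; it assumes the ini files are passed in the order PHP loads them and that getenforce and getsebool print their usual one-line output.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# Effective allow_url_fopen ("on"/"off") from ini files given in load order.
# Later files override earlier ones; PHP's built-in default is On.
url_fopen_state() {
    state=on
    for f in "$@"; do
        [ -r "$f" ] || continue
        # Last uncommented assignment in this file (";" starts a comment).
        line=$(grep '^[[:space:]]*allow_url_fopen[[:space:]]*=' "$f" | tail -n 1)
        [ -n "$line" ] || continue
        v=$(printf '%s\n' "$line" |
            sed 's/^[^=]*=//; s/;.*$//; s/[[:space:]"]//g' | tr 'A-Z' 'a-z')
        case "$v" in
            on|yes|true|[1-9]*) state=on ;;
            *) state=off ;;   # off, no, false, 0, none, empty
        esac
    done
    echo "$state"
}

# Succeeds only if SELinux is enforcing AND the boolean is off.
# $1: output of `getenforce`; $2: output of `getsebool httpd_can_network_connect`
selinux_blocks() {
    [ "$1" = Enforcing ] && [ "$2" = "httpd_can_network_connect --> off" ]
}

# One-line summary; "review" means neither layer stops outbound fetches.
audit() {
    mode=$1; bool=$2; shift 2
    php=$(url_fopen_state "$@")
    if selinux_blocks "$mode" "$bool"; then se=yes; else se=no; fi
    if [ "$php" = off ] || [ "$se" = yes ]; then verdict=mitigated; else verdict=review; fi
    echo "allow_url_fopen=$php selinux_blocks=$se verdict=$verdict"
}

# On a live host (paths vary by distribution):
#   audit "$(getenforce)" "$(getsebool httpd_can_network_connect)" /etc/php.ini /etc/php.d/*.ini
```

A boolean set to off has no effect while SELinux is permissive or disabled, which is why the mode is checked alongside it.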