#### MOST ATTACKED WORDPRESS PLUGINS MAKING YOUR SITE VULNERABLE TO HAKERS

in #technology6 years ago

The-Top-50-Most-Attacked-WordPress-Plugins-Making-Your-Site-Vulnerable-to-Hackers.jpg
Do you run a worldpress site? How aware are you of the vulnerabilities of your site to plugin attacks and hackers?

The worldpress plugin directory helps bloggers and website owners rid themselves of static pages and build intuitive user interfaces, all without the need to learn complex coding and website development skills.
However, given the open source and somewhat unregulated nature of plugin directory, it presents potential security risks .
Only study revealed that almost 98% of WorldPress blogs were easily exploited because they were running outdated versions of the software, or outdated plugins.

The darkside of the worldpress plugin

An inspection into some of the top WorldPress plugins found that a considerable number of the top 50 WordPress plugins were exposed to the possibility of being attacked via **SQL injection **and XSS. And a saparate inspection conducted for the top plugins and some contained vulnerabilities.
The post will highlight the most attacked worldpress plugins will showcase as

The type of the attack :This will reflect the '' location file inclusion'' attack that allows expoliters to download any file they want or the''Unrestricted file Upload'' that allows
expoliters to use a ''shell'' that gives them full remote access to target the site.

The exploit data base link :This will determine the language used by the penetration testers and vulnerability researchers.

if you use any of these attacked Worldpress plugins on your website, you may want to look into ways to improve your security.

1.RECENT BACKUPS(BACKUP FOR TOUR WEBSITE

Total attacks 2,159, 725

Type LFI

Exploit database** https://www.exploit-db.com/exploits/37752/**

link https://wordpress.org/plugins/recent-backups/

2.WP Symposium Pro(Social- Networking Plugin)

wp-symposium (1).png

Total attacks:** 2, 517, 975**

Type :**Shell **

Expliot database:https://www.exploit-db.com/exploits/35543/

Website link https://wordpress.org/plugins/wp-symposium-pro/

3.WPTF Image gallery (Modern Photo Gallery)

wptf-image-gallery (1).png

Total attacks: 2,164, 929

Type: Shell

Exploit database:https://www.exploit-db.com/exploits/37751/

Website Link:https://wpcore.com/plugin/wptf-image-gallery.

4.GOOGLE MP3 AUDIO PLAYER(AUDIO FILES)

google-mp3-audio-player (1).png

Total attacks: 128,622

Type:LFI

Exploit database:https://www.exploit-db.com/exploits/35460/

Website Link:https://wordpress.org/plugins/search/google-mp3-audio-player/

5.WP-Database Backup(Automated Backup collection of email)

Automated-backup-collection-to-email-address (1).png

Total attacks :148,661

Type:LFI

Exploit database:https://www.exploit-db.com/exploits/35378/

Website: https://wordpress.org/plugins/wp-database-backup/

6.eBook download(create eBooks)

aspose-cloud-ebook-generator.png

Total attacks:144,725

Type:LFI

Exploit database:https://www.exploit-db.com/exploits/39575/

#curiosity #information #surpassinggoogle
6 years ago in #technology by
$0.00
    1 vote
    Reply 1

    Coin Marketplace

    STEEM 0.18
    TRX 0.14
    JST 0.030
    BTC 58639.60
    ETH 3167.30
    USDT 1.00
    SBD 2.43