View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 10, 2017updated 28 Jul 2022 9:01am

WordPress security weak spot lets hackers infiltrate and vandalise

"This figure has spiralled out of control, and has spread across 39,000 domains with as many as twenty hacking groups taking part in the attack."

By Tom Ball

A security breach has led to the mass defacement of blog websites supported by WordPress, with a number allegedly as high as 1.5 million pages affected.

The exploited vulnerability was in the Representational State Transfer (REST) Application programming interface (API) – REST API. The weakness was allegedly only present in versions 4.7.0 and 4.7.1, with the issue fixed in 4.7.2.

The attack was first reported by the web security firm Sucuri, at which point it was discovered that ‘four groups of attackers defaced over 67,000 pages’, according to the BleepingComputer.

This figure has spiraled out of control, and has spread across 39,000 domains with as many as twenty hacking groups taking part in the attack.

There appears to be a continuing struggle with security for WordPress, after recently announcing patch 4.7.2 and encouraging users to upgrade as soon as possible to patch flaws with cross-site scripting and SQL injection.

Veracode’s Paul Farrington said of the situation:  “It is absolutely imperative that all users of WordPress 4.7.2 upgrade immediately to the new version. Despite having been around for over a decade and regularly featuring on the OWASP Top 10 list (the widely accepted standard for application security), both SQL injections and cross scripting vulnerabilities continue to expose enterprises to large-scale breaches and brand damage. The 2015 TalkTalk breach only serves as a reminder of the severity of this attack vector”.

READ MORE: Why is WordPress so hackable?

BleepingComputer reported that “WordPress and Sucuri experts realized they couldn’t keep” the details of the wider REST API attack “a secret” long enough for patch 4.7.2 to right the issue, as the scale of the attack mounted too quickly and intensely.

Content from our partners
Powering AI’s potential: turning promise into reality
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How businesses can safeguard themselves on the cyber frontline

WordPress has also been the target of other attacks; these include the hacking of the Reader’s Digest website for example, and according to David Emm, senior security researcher at Kaspersky Lab said “a couple of instances with cross site scripting exploits” had been noticed at the end of last year.

Topics in this article : , , ,
Websites in our network
The New Statesman Press Gazette Spears World of Fine wine Elite Traveler Leadmonitor
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU