Mass exploit of WordPress plugin backdoors sites running Joomla, Magento, too

Thu 24th Jul 2014

As many as 50,000 websites have been remotely commandeered by attackers exploiting a recently patched vulnerability in a popular plugin for the WordPress content management system, security researchers said Wednesday.

As Ars reported in early July, the vulnerability in MailPoet, a WordPress plugin with more than 1.7 million downloads, allows attackers to upload any file of their choice to vulnerable servers. In the three weeks since then, attackers have exploited the bug to install a backdoor on an estimated 30,000 to 50,000 websites, some that don't even run WordPress software or that don't have MailPoet enabled, according to Daniel Cid, CTO of security firm Sucuri.

Read more: