Hello there, fellow WordPress website owner. You are going to want to hear this. Thousands of websites are being hacked because hackers are exploiting old and vulnerable WordPress plugins. I want to explain exactly what is going on and how you can keep your website safe.
What is Going On?
According to an article on BleepingComputer, hackers are exploiting critical vulnerabilities in popular WordPress plugins: GutenKit and Hunk Companion. These vulnerabilities let hackers take over your website with a simple command.
Here’s how it works:
• The old versions of these plugins allowed anyone to install other plugins on your website without your permission.
• These vulnerabilities have been patched for a long time now, but many people do not ever update their plugins.
• In a matter of 48 hours, the security company Wordfence blocked over 8.7 million attack attempts from hackers attempting to exploit the plugin vulnerabilities!
The updated versions are:
- GutenKit 2.1.1 or higher
- Hunk Companion 1.9.0 or higher
Why This Matters
If you have a WordPress site, this is a big concern. Hackers can:
- Take control of your site and lock you out of it
- Steal information from your site
- Upload malicious files or insert fake webpages
How Hackers Are Doing It
To break it down simply, here's what they are doing:
1. They look around on the web continually searching for websites that use older versions of plugins.
2. They make particular requests to certain links on your site (such as /wp-json/gutenkit/v1/install-active-plugin) to get a new plugin in there.
3. They upload fake plugins that look legitimate but give them whatever functionality they want: changing files, deleting data or creating fake admin accounts.
What Can You Do
Don't freak out - just respond quickly and effectively. Here is what I like to do:
- Update your plugins now - and definitely GutenKit and Hunk Companion.
- Delete any plugins you don't use - less is safer.
- Check your site logs to see if anything looks odd.
- Check for strange folders in your plugin directory.
- Back up your site regularly - just in case.
- Use a security plugin such as Wordfence or Sucuri.
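If you want to go a step beyond eyeballing the plugin list, here is a small Python script that does the two checks from the list above: it reads the Version: line from each plugin's header and compares it against the patched versions named in this post (GutenKit 2.1.1, Hunk Companion 1.9.0), and it scans web-server access-log lines for requests to the /wp-json/gutenkit/v1/install-active-plugin route mentioned above. This is an added example written for this post, not code from Wordfence, BleepingComputer or either plugin. The plugin directory names (gutenkit-blocks-addon, hunk-companion) are assumptions about how the plugins sit under wp-content/plugins/, the plugin headers and log lines are constructed sample data, and the ?rest_route= form goes slightly beyond the post: WordPress also serves REST routes that way when pretty permalinks are off, so a log search that only greps for /wp-json/ can miss hits.

```python
"""Defender checks for the GutenKit / Hunk Companion advisory: plugin version
audit plus access-log review. Sample data below is constructed for illustration."""
import re
from typing import Dict, List, Optional, Tuple

# Minimum patched versions as stated in the post. The directory names (slugs) are
# assumptions about how the plugins are installed under wp-content/plugins/.
PATCHED_VERSIONS: Dict[str, Tuple[int, ...]] = {
    "gutenkit-blocks-addon": (2, 1, 1),
    "hunk-companion": (1, 9, 0),
}

# REST route named in the post. Matching on the route rather than the full
# /wp-json/ path also catches the ?rest_route= form WordPress accepts.
INSTALL_ROUTE = "/gutenkit/v1/install-active-plugin"

# Constructed sample plugin headers, keyed by plugin directory, in the format
# WordPress reads from each plugin's main PHP file.
SAMPLE_PLUGIN_HEADERS: Dict[str, str] = {
    "gutenkit-blocks-addon": "<?php\n/**\n * Plugin Name: GutenKit\n * Version: 2.0.0\n */\n",
    "hunk-companion": "<?php\n/*\nPlugin Name: Hunk Companion\nVersion: 1.9.2\n*/\n",
}

# Constructed sample access-log lines (combined log format, RFC 5737 test addresses).
SAMPLE_LOG_LINES: List[str] = [
    '203.0.113.5 - - [10/Oct/2025:12:00:01 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 8431 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Oct/2025:12:00:07 +0000] "POST /wp-json/gutenkit/v1/install-active-plugin HTTP/1.1" 200 97 "-" "python-requests/2.31"',
    '198.51.100.23 - - [10/Oct/2025:12:01:42 +0000] "POST /index.php?rest_route=/gutenkit/v1/install-active-plugin HTTP/1.1" 403 0 "-" "curl/8.4.0"',
    '198.51.100.7 - - [10/Oct/2025:12:02:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2311 "-" "Mozilla/5.0"',
]

_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)", re.MULTILINE | re.IGNORECASE)
_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.1.1' (or '1.9.0-beta') into a tuple of ints that compares numerically."""
    parts: List[int] = []
    for piece in text.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break  # stop at the first non-numeric component, e.g. '0-beta' -> 0
        parts.append(int(m.group()))
    return tuple(parts)


def version_from_header(header: str) -> Optional[str]:
    """Extract the Version: value from a WordPress plugin header block."""
    m = _VERSION_RE.search(header)
    return m.group(1) if m else None


def outdated_plugins(headers: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Return (slug, installed, required) for each known plugin below its patched version."""
    findings: List[Tuple[str, str, str]] = []
    for slug, required in PATCHED_VERSIONS.items():
        header = headers.get(slug)
        if header is None:
            continue  # plugin not installed, nothing to check
        installed = version_from_header(header)
        # An unreadable version is treated as outdated: better a false alarm than a miss.
        if installed is None or parse_version(installed) < required:
            findings.append((slug, installed or "unknown", ".".join(map(str, required))))
    return findings


def install_endpoint_hits(lines: List[str]) -> List[dict]:
    """Return parsed log entries whose request path targets the plugin-install route."""
    hits: List[dict] = []
    for line in lines:
        m = _LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than crash on junk
        path = m.group("path")
        if INSTALL_ROUTE in path:
            hits.append({"ip": m.group("ip"), "method": m.group("method"),
                         "path": path, "status": int(m.group("status"))})
    return hits


if __name__ == "__main__":
    for slug, installed, required in outdated_plugins(SAMPLE_PLUGIN_HEADERS):
        print(f"OUTDATED: {slug} {installed} (need >= {required})")
    for hit in install_endpoint_hits(SAMPLE_LOG_LINES):
        print(f"INSTALL ROUTE HIT: {hit['ip']} {hit['method']} {hit['path']} -> {hit['status']}")
```

On a real site you would feed the script the header of each plugin's main file under wp-content/plugins/ and your web server's access log. A 200 on the install route from a version below the patched one is the case to treat as a likely compromise and follow up with the log and plugin-directory checks; a 403 (as in the third sample line) usually means a firewall or the patched plugin already refused it.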
My Concluding Statement
This incident proves one fundamental fact - not keeping your plugins up to date is a serious risk. Hackers are specifically looking for old software because it's easy to break into. Think of it in simple terms: updating plugins is like locking your front door. It is very easy to do and provides the protection you need from the bad guys.
If you are not sure your site is safe today, check your plugin versions. Better to be safe than hacked, right?