Vulnerabilities in WordPress Themes Put Millions of Sites at Risk

vulnerabilities in wordpress themesSecurity researchers recently detected a large-scale malicious campaign targeting themes that utilize the Epsilon Framework. Threat actors took advantage of Function Injection vulnerabilities in a number of WordPress themes.

Epsilon Framework vulnerabilities in WordPress themes put millions of sites at risk

According to Wordfence researchers, the themes are installed on more than 150 thousand websites. However, their estimate reveals hackers have launched more than 7.5 million attacks against at least 1.5 million sites. Why are the numbers so big? “While we occasionally see attacks targeting a large number of sites, most of them target older vulnerabilities,” Wordfence says.

The numerous attacks are targeting security flaws patched in the past several months. The researchers have provided a list of vulnerable plugins and versions currently prone to cyberattacks:

Shapely <=1.2.7 NewsMag <=2.4.1 Activello <=1.4.0 Illdy <=2.1.4 Allegiant <=1.2.2 Newspaper X <=1.3.1 Pixova Lite <=2.0.5 Brilliance <=1.2.7 MedZone Lite <=1.2.4 Regina Lite <=2.0.4 Transcend <=1.1.8 Affluent <1.1.0 Bonkers <=1.0.4 Antreas <=1.0.2 NatureMag Lite <=1.0.5

Security researchers believe that most of the attacks are probing, attempting to determine whether a site runs a vulnerable theme. However, website owners should be warned that remote code execution exploits are possible with these specific flaws. “These attacks use POST requests to admin-ajax.php and as such do not leave distinct log entries, though they will be visible in Wordfence Live Traffic,” the Wordfence team adds.

How to protect your website

In case your site is using one of the plugins mentioned above, it is highly recommended to update it. However, if a patched version is not yet available, you can temporarily use another theme or a firewall to block any attack attempts. Note that you should download a backup copy of the current theme if you have customized it.

You can also check if your installed plugins, widgets, and other apps are running on their latest versions. All these elements can be vulnerable to cyberattacks, as evident by the increasing reports we see almost daily. So, check all active site apps for vulnerable code, just to be sure your site is safe. You can read more web security tips in HowToHosting.Guide’s dedicated article.

Researched and created by:
Krum Popov
Passionate web entrepreneur, has been crafting web projects since 2007. In 2020, he founded HTH.Guide — a visionary platform dedicated to streamlining the search for the perfect web hosting solution. Read more...
Technically reviewed by:
Metodi Ivanov
Seasoned web development expert with 8+ years of experience, including specialized knowledge in hosting environments. His expertise guarantees that the content meets the highest standards in accuracy and aligns seamlessly with hosting technologies. Read more...

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree
At HTH.Guide, we offer transparent web hosting reviews, ensuring independence from external influences. Our evaluations are unbiased as we apply strict and consistent standards to all reviews.
While we may earn affiliate commissions from some of the companies featured, these commissions do not compromise the integrity of our reviews or influence our rankings.
The affiliate earnings contribute to covering account acquisition, testing expenses, maintenance, and development of our website and internal systems.
Trust HTH.Guide for reliable hosting insights and sincerity.