About a month ago, researchers highlighted several WordPress plugins with serious vulnerabilities that criminal hackers were exploiting for malicious activities such as malvertising. Now researchers have pointed out a vulnerability in another plugin, Rich Reviews, that is being actively exploited by attackers.
Wordfence has once again spotted a serious attack in the wild abusing a WordPress plugin. This time it is the Rich Reviews plugin that is under active exploitation.
As revealed in their report, the plugin’s flaw has put around 16,000 websites at risk. These websites actively run the plugin and are therefore exposed to unauthenticated attacks.
According to the researchers, Rich Reviews has ‘two core issues’ that together allow an unauthenticated adversary to inject cross-site scripting (XSS) payloads. As stated in their report,
By exploiting the vulnerability, attackers inject malicious code into vulnerable websites. That code is then used for malvertising, creating redirects and popup ads for the sites’ visitors.
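To make the attack class concrete, here is an added illustration (not code from Rich Reviews, Wordfence or the original article) of how a WordPress plugin ends up with unauthenticated stored XSS, shown as a vulnerable settings handler next to a hardened one. The plugin name, option name, hook names and functions prefixed `er_` are hypothetical; the WordPress API calls (`add_action`, `update_option`, `current_user_can`, `check_ajax_referer`, `sanitize_text_field`, `esc_html`, and so on) are real. The article does not say which two issues Rich Reviews had, so this only shows the general pattern: a state-changing endpoint reachable without authentication or a capability check, plus attacker-controlled data echoed without escaping, which together let an unauthenticated visitor plant a script that every later visitor executes.

```php
<?php
// Hypothetical "Example Reviews" plugin fragment (added illustration, not real plugin code).

// --- Vulnerable version -------------------------------------------------------
// Problem 1: the handler is hooked for logged-out users (wp_ajax_nopriv_*) and
// performs no capability or nonce check, so anyone can change the option.
add_action( 'wp_ajax_nopriv_er_save_settings', 'er_save_settings_vulnerable' );
add_action( 'wp_ajax_er_save_settings', 'er_save_settings_vulnerable' );

function er_save_settings_vulnerable() {
    // Attacker-controlled input stored verbatim, e.g. "<script>location='https://evil.example'</script>".
    update_option( 'er_widget_title', $_POST['title'] );
    wp_die();
}

// Problem 2: the stored value is printed without output escaping on every page
// that renders the widget, so the stored payload runs in each visitor's browser
// (redirects, popup ads, or anything else the attacker chooses).
function er_render_widget_vulnerable() {
    echo '<h3>' . get_option( 'er_widget_title' ) . '</h3>';
}

// --- Hardened version ---------------------------------------------------------
// Only authenticated requests reach this hook (no wp_ajax_nopriv_ registration).
add_action( 'wp_ajax_er_save_settings', 'er_save_settings_hardened' );

function er_save_settings_hardened() {
    // Access control: only users allowed to manage site options may change plugin settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // CSRF protection: the request must carry a valid nonce for this action.
    check_ajax_referer( 'er_settings_nonce', 'nonce' );

    // Input sanitization: strip tags and control characters before storing.
    $title = sanitize_text_field( wp_unslash( $_POST['title'] ?? '' ) );
    update_option( 'er_widget_title', $title );
    wp_send_json_success();
}

// Output escaping at render time is still required: sanitization on input is a
// second layer, not a substitute, because other code paths may write the option.
function er_render_widget_hardened() {
    echo '<h3>' . esc_html( get_option( 'er_widget_title', '' ) ) . '</h3>';
}
```

The two defences are independent: removing the `nopriv` hook and adding the capability check stops unauthenticated writes, while `esc_html()` on output neutralises any script that still reaches the option. When reviewing a plugin, look for both halves of that pairing: every `wp_ajax_nopriv_*`, REST route or `admin_post_nopriv_*` handler that writes data, and every `echo` of stored data that lacks an `esc_*` call.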