A new vulnerability in a WordPress anti-malware firewall plugin can lead to serious compromise. Cybersecurity researchers even claimed that this new plugin flaw could allow online attackers to conduct an administrator-level malicious campaign.
The new vulnerability is pretty serious since it was found in the popular anti-malware firewall plugin called Anti-Malware Security and Brute-Force Firewall.
More than 200,000 websites use this security plugin. It is specifically designed to defend websites, acting as both a firewall and a security scanner.
Its premium version also defends against brute-force attacks on usernames and passwords and against DDoS campaigns.
New WordPress Anti-Malware Firewall Vulnerability
According to Search Engine Journal's latest report, it seems like the firewall plugin accidentally patched a cross-site scripting flaw.
Security experts are now concerned because this new vulnerability can allow reflected XSS attacks. Malicious actors can take advantage of this new flaw by uploading a script.
The implemented script can be activated when a website administrator visits the compromised URL. After that, online attackers will have admin-level permissions, allowing them to access sensitive user data.
Although the United States Government National Vulnerability Database hasn't considered this flaw a severe-level vulnerability, it can still lead to serious malicious campaigns.
Preventing WordPress Anti-Malware Firewall Flaw
Cybersecurity researchers said that the best thing that users can do is to have a backup of their WordPress data. They need to do this before updating any WordPress theme or plugin.
After that, they can install Anti-Malware Security and Brute-Force Firewall version 4.20.96 to fix the issue.
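To confirm that a site actually runs the fixed release, the installed version can be read from the plugin's header and compared with 4.20.96. The script below is an added example, not code from the article or the plugin. It assumes the standard WordPress plugin header with a `Version:` field, and the sample header and any directory passed to it are constructed or hypothetical.

```python
import re
from pathlib import Path

FIXED_VERSION = "4.20.96"  # fixed release named in the article

# WordPress plugin main files carry a header comment with a "Version:" field.
_VERSION_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)", re.IGNORECASE | re.MULTILINE)

# Constructed sample header, not copied from the real plugin.
SAMPLE_HEADER = """<?php
/*
Plugin Name: Example Security Plugin (constructed sample)
Version: 4.20.95
*/
"""

def parse_version(text):
    """Return the Version header value from plugin file text, or None."""
    m = _VERSION_RE.search(text[:8192])  # WordPress reads only the first 8 KB
    return m.group(1) if m else None

def version_key(version):
    """Numeric tuple, so 4.20.96 sorts above 4.9.100 (string comparison does not)."""
    return tuple(int(part) for part in re.findall(r"\d+", version))

def is_patched(installed, fixed=FIXED_VERSION):
    """True when the installed version is at or above the fixed release."""
    return version_key(installed) >= version_key(fixed)

def audit_plugin_dir(plugin_dir):
    """Find the first top-level .php file with a Version header and assess it."""
    for php in sorted(Path(plugin_dir).glob("*.php")):
        version = parse_version(php.read_text(errors="replace"))
        if version:
            return {"file": php.name, "version": version, "patched": is_patched(version)}
    # No header found: treat as unverified rather than assuming it is safe.
    return {"file": None, "version": None, "patched": False}

if __name__ == "__main__":
    found = parse_version(SAMPLE_HEADER)
    print(found, "patched" if is_patched(found) else "needs update")
```
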
Aside from the new firewall security flaw, Bleeping Computer recently reported that another WordPress plugin vulnerability put around 500,000 websites at risk of hacking.
In 2021, millions of WordPress sites were affected by some plugin flaws.
Meanwhile, WordPress and other browsers said that they are against Google's ad-targeting tech.
This article is owned by TechTimes
Written by: Griffin Davis