Search This Blog

Powered by Blogger.

Blog Archive

Labels

Thousands of websites infected via Vulnerability in WordPress OptimizePress Theme

A file upload vulnerability in the OptimizePress theme allowed attackers to infect thousands of Wordpress websites,

A file upload vulnerability in the OptimizePress theme allowed attackers to infect thousands of Wordpress websites, reports Sucuri.

The vulnerability in question is at "lib/admin/media-upload.php" location that allows anyone to upload any kind of files to the "wp-content/uploads/optpress/images_comingsoon" folder.

Sucuri Team has detected that more than 2,000 websites using the Optimizepress theme have been compromised.  All of the compromised sites have been injected with iFrame to same malicious domain.

Almost 75% infected websites have already been blacklisted in Google Safe browsing.

If you are using the above theme, you are urged to immediately upgrade to the latest version.  Otherwise, you will soon find yourself victim to malware infection. 
Share it:

File Upload vulnerability

hacker news

Malware Report

Web Application Vulnerability