In the previous month, the researchers came across various WordPress plugins that contained specific serious vulnerabilities. Such vulnerabilities have put the WordPress plugins open to all sorts of cybercriminal activities. Specifically, such vulnerabilities listed in the WordPress plugins were put to use by the malicious criminal hackers for various nefarious activities such as malvertising.
Of late, the researchers have once again come across such vulnerabilities in another plugin of WordPress, Rich Reviews. This vulnerability is gain actively being used by criminal hackers to carry out various nefarious activities.
It is Wordfence who has comes across such vulnerabilities of the plugin of WordPress, Rich Review. The report released by Wordfence clearly states that this vulnerability of the plugin has put around 16000 websites at the risk of various cyber attacks by criminal hackers. All the sixteen thousand websites now actively run the plugin and hence with its flaws has become vulnerable to unauthenticated attacks.
Possible Steps Of Mitigation Being Taken To Address The Vulnerabilities Of Plugin
After discovering the flaws and vulnerabilities of the plugin the researchers gave a time of one week to the developers to address and fix all the vulnerabilities to prevent cyber attacks for the sixteen thousand websites that actively run the plugin.
However, the researchers had to publicly open about the vulnerabilities to prevent any problems for the users. The researchers even stated that though the developers had successfully removed the Rich Reviews plugin from the WordPress 6 months ago, yet the users will not be able to use it till the plugin is again reinstated in its repository state.
Moreover, the researchers also stated that since the rate of vulnerabilities is quite high, the developers will need time to rewrite the plugin process. The Nuanced Media also reported that they will discontinue the plugin.