Popular WordPress Plugins That Have Been Recently Hacked

WordPress is a popular content management system (CMS) for building websites. More than 10 million websites are built on the WordPress platform, which means 30% of the websites on the Internet are powered by this powerful CMS.

However, its extensive usage and security vulnerabilities have made it a popular target among hackers, who are looking to compromise the quality and functionality of your site.

Popular WordPress Plugins That Have Been Recently Hacked

Statistics reveal that 73.2% of the popular WordPress installations have exploitable vulnerabilities. And, 50% of the hacks happen on WordPress plugins.

Recently, popular plugins installed and used by millions of websites have been found to have security problems and are being attacked by hackers.

List of Popular WordPress Plugins Recently Attacked by Hackers

  • Duplicator: A vulnerability allowed hackers to download arbitrary files from a site.
  • Themegrill Demo Importer: A vulnerability allowed attackers to delete the WordPress database and remove all existing users.
  • Profile Builder Plugin: The plugin contained a vulnerability in the administrator registration process that helped attackers to get backdoor access.
  • ThemeREX Addons: The security loophole enabled hackers to execute codes remotely and inject administrative user accounts.
  • Flexible Checkout Fields For WooCommerce: This plugin contained a vulnerability that helped attackers to inject XSS payloads for creating admin accounts.

Three more WordPress plugins used by thousands of websites have been compromised by hackers, including Async JavaScript, Modern Events Calendar Lite, and 10Web Map Builder for Google Maps.

If you’re using any of the above-mentioned plugins, then update or delete the plugin immediately or contact the plugin author to know if the security issues have been fixed and then act accordingly.

How to Prevent Your WordPress Site From Being Hacked

  • Use a secured website hosting server
  • Use a strong password for WP admin
  • Always keep the site updated
  • Don’t install insecure plugins
  • Install SSL certificate on your site
  • Set up a firewall
  • Hire website maintenance services

Have your site being hacked? Contact Source Soft Solutions to remove malware and prevent future attacks. We have expert WordPress developers who can help you maintain a secure website. Contact our website experts today!

To know how Source Soft can help your business grow!

Contact Us






Copyright Disclaimer: Unauthorized use, publication, and/or duplication of our website and blog content without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Source Soft Solutions with appropriate and specific direction to the original content.