With significant advancements in technology in recent years, new cyber attack methods have emerged. While companies release updates to patch vulnerabilities against these methods, attempting to close one gap with updates can sometimes create a new vulnerability. According to recent developments, more than 1 million websites can be at risk due to a WordPress plugin.
Security vulnerability discovered in WordPress Website Builder plugin
According to a report published by the developers of Wordfence, a security plugin almost used on every website, a security vulnerability has been discovered in the Website Builder plugin developed by SeedProd, which has over 900,000 active installations.
According to the information provided, hackers can change the content of pages with this vulnerability, which is classified as high risk. In this context, it can be said that there is a serious vulnerability. This vulnerability, reported to be in version 6.15.21, was closed with the release of the developer’s 6.15.22 update. In this context, if you use this plugin on your website, we recommend updating.
WordPress, one of the most widely used website infrastructures globally, is used on 43% of all websites on the internet. In this context, it attracts the attention of hackers. The system also stands out with its reliability. Therefore, when a vulnerability is searched for in a WordPress site, vulnerabilities in plugins are usually investigated.
Especially after being developed and released by a developer, the likelihood of finding vulnerabilities in plugins that have not received updates for years becomes quite high. In this context, it is advisable to prefer plugins that are constantly updated.
What are your thoughts on this topic? Feel free to share your opinions with us in the comments section below.
{{user}} {{datetime}}
{{text}}