WordPress 4.7.1 Vulnerability Hacked By SA3D HaCk3

Recently one of my clients had two of their WordPress websites hacked. The main evidence was two posts added to the blogs with the title either ‘Hacked By SA3D HaCk3’ or ‘Hacked by Xurupitas Farm’.

After doing my research on Google I found that the cause was a vulnerability in the 4.7.1 release of WordPress. Users who failed to upgrade from 4.7.1 to 4.7.2 were exposed to the vulnerability in WP_Query. Although WordPress core itself is not endangered, some themes and plugins could be susceptible to SQL injection (SQLi) when passing unsafe data to it. This issue was fixed in version 4.7.2.
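To make the "unsafe data" point concrete, here is an added illustration (hypothetical plugin code, not from the post or from WordPress itself) of request parameters flowing into WP_Query arguments unchecked, next to a validated version; the parameter names orderby and ids and the function names are assumptions.

```php
<?php
// Added example, not part of the original post. Assumes it runs inside WordPress,
// where WP_Query, sanitize_key() and absint() are available.

// Unsafe: whatever arrives in the request becomes a WP_Query argument as-is.
// Any plugin or theme doing this relies entirely on core to neutralise the input.
function hypothetical_unsafe_query() {
    $args = array(
        'post_type' => 'post',
        'orderby'   => $_GET['orderby'],                 // attacker-controlled string
        'post__in'  => explode( ',', $_GET['ids'] ),     // attacker-controlled strings
    );
    return new WP_Query( $args );
}

// Hardened: allow-list the sort field and cast every ID to a positive integer
// before anything reaches WP_Query. Unknown values fall back to safe defaults.
function hypothetical_safe_query() {
    $allowed_orderby = array( 'date', 'title', 'modified', 'post__in' );

    $orderby = isset( $_GET['orderby'] ) ? sanitize_key( $_GET['orderby'] ) : 'date';
    if ( ! in_array( $orderby, $allowed_orderby, true ) ) {
        $orderby = 'date';
    }

    $ids = array();
    if ( isset( $_GET['ids'] ) ) {
        // absint() turns each piece into a non-negative int; array_filter drops the zeros.
        $ids = array_filter( array_map( 'absint', explode( ',', $_GET['ids'] ) ) );
    }

    $args = array(
        'post_type' => 'post',
        'orderby'   => $orderby,
    );
    if ( ! empty( $ids ) ) {
        $args['post__in'] = array_values( $ids );
    }
    return new WP_Query( $args );
}
```

The hardened version is what a theme or plugin should have looked like regardless of which core release it ran on; upgrading to 4.7.2 added defence in depth, not a substitute for input validation.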

What Did the Hackers Add to the Blogs

After deleting the injected posts, I looked into the WordPress databases for more clues and did find some revisions of the aforementioned posts, but nothing else.

Then I checked the websites with two free online malware scanners. I used Sucuri and Quttera to double-check the blogs for viruses. Neither found anything suspicious.

The moral of this story for me is to draw our customers' attention to the need to update core software and plugins regularly. Additionally, automatic background updates are very useful in promoting better security. One approach is to add a statement enabling core upgrades to the WordPress configuration file, wp-config.php.

Configuration of wp-config.php

Using wp-config.php one can completely disable WordPress automatic updates, core included:

define( 'AUTOMATIC_UPDATER_DISABLED', true );

or fine-tune how core will update in future:

define( 'WP_AUTO_UPDATE_CORE', true );

The constant in the above statement accepts three values:
true - the core will always update, even for major upgrades
false - the core will never update automatically
'minor' - only minor updates will be applied automatically

Categories: Wordpress

1 Comment

page content · March 15, 2017 at 11:13 pm

Excellent blog here! Additionally, your site loads up fast!

What web host are you using? Can I get your affiliate
link for your host? I want my web site to load up as fast as yours lol
