Subj : Millions of attacks hit WordPress websites - here's how to make s
To : All
From : TechnologyDaily
Date : Mon Oct 27 2025 14:15:08

Millions of attacks hit WordPress websites - here's how to make sure you stay safe
Date: Mon, 27 Oct 2025 14:03:00 +0000
Description: Three old WordPress vulnerabilities are being leveraged to establish persistence and steal files.

FULL STORY
======================================================================

- Unpatched GutenKit and Hunk Companion plugins exploited in mass WordPress attacks
- Attackers use the "up" plugin to gain admin access and deploy malware
- Wordfence blocked 8.7 million attempts in 48 hours; updates remain critical

Three critical-severity vulnerabilities, found in two WordPress plugins and fixed more than a year ago, are now being exploited in mass attacks against websites that still haven't patched the issues.

WordPress security firm Wordfence said it blocked more than 8.7 million attack attempts targeting GutenKit and Hunk Companion over roughly 48 hours. The former extends Gutenberg with dozens of extra blocks, templates, and layout tools, while the latter is a helper plugin for ThemeHunk themes that adds sections such as team, services, portfolio, and sliders.

Malicious payload on GitHub

Between October and December 2024, three flaws were found and patched in the plugins: CVE-2024-9234, CVE-2024-9707, and CVE-2024-11972. All three were rated critical (CVSS 9.8/10) and allow threat actors to install arbitrary plugins and run malicious code on vulnerable sites.

Now, threat actors are taking advantage of the fact that many site owners are not diligent about applying fixes. Wordfence says the attackers are using the vulnerabilities to install a malicious plugin called "up", which is hosted as a .ZIP archive on GitHub. The plugin lets the threat actors upload, download, or delete files on the site, and tamper with the site's permissions.
It also allows the threat actor to automatically log into the vulnerable website as an administrator. Wordfence also says that, among other things, the attackers are using "up" to set up persistence, steal information, and drop additional malware.

Being the world's number one website builder platform, WordPress is a popular target among cybercriminals. However, since WordPress core is generally considered secure, attackers usually go after themes and plugins, which are often vulnerable or no longer maintained.

The best way to mitigate the risk is to keep only the plugins and themes you actually use, and to make sure they are updated at all times.

Via BleepingComputer

======================================================================
Link to news story: https://www.techradar.com/pro/security/millions-of-attacks-hit-wordpress-websites-heres-how-to-make-sure-you-stay-safe

--- Mystic BBS v1.12 A49 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)
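A file-level audit of the two mitigations the story ends on (drop plugins you do not use, keep the rest updated), plus a check for a plugin directory named "up", as an added example in Python. This is not code from the article, from Wordfence, or from either plugin's authors. It reads the standard WordPress plugin header (the "Plugin Name:" and "Version:" lines WordPress itself parses from the first 8 KiB of a plugin's main PHP file) for every directory under wp-content/plugins. The plugin slugs and the minimum-safe versions in MIN_SAFE_VERSION are my assumptions about the vendors' fixed releases, not values stated in the article; confirm them against the Wordfence advisories for CVE-2024-9234, CVE-2024-9707 and CVE-2024-11972 before relying on them. The plugin tree the script builds for its dry run is constructed sample data.

```python
"""Audit a wp-content/plugins tree for unpatched GutenKit / Hunk Companion
installs and for the rogue "up" plugin slug reported in the article.

Added example, not code from the article, Wordfence, or either plugin.
"""
import os
import re
import tempfile

# ASSUMPTION: slug -> first release believed to contain the fix. Verify
# against the vendor changelogs / Wordfence advisories before relying on it.
MIN_SAFE_VERSION = {
    "gutenkit-blocks-addon": "2.1.1",  # assumed fix for CVE-2024-9234
    "hunk-companion": "1.3.5",         # assumed fix for CVE-2024-9707 / CVE-2024-11972
}

# Slug the article reports the attackers installing through the three CVEs.
SUSPICIOUS_SLUGS = {"up"}

# Matches " * Plugin Name: Foo" or "Plugin Name: Foo" inside a PHP comment.
HEADER_RE = re.compile(r"^\s*\*?\s*(Plugin Name|Version)\s*:\s*(.+?)\s*$",
                       re.MULTILINE)


def parse_version(v):
    """'2.1.10' -> (2, 1, 10). Non-numeric suffixes such as '-beta' are dropped."""
    parts = []
    for piece in v.strip().split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def read_plugin_header(plugin_dir):
    """Return {'Plugin Name': ..., 'Version': ...} from the first .php file in
    plugin_dir that carries a plugin header, or None if there is none."""
    for name in sorted(os.listdir(plugin_dir)):
        path = os.path.join(plugin_dir, name)
        if not (name.endswith(".php") and os.path.isfile(path)):
            continue
        with open(path, encoding="utf-8", errors="replace") as fh:
            head = fh.read(8192)  # WordPress only reads the first 8 KiB as well
        fields = dict(HEADER_RE.findall(head))
        if "Plugin Name" in fields:
            return fields
    return None


def audit_plugins(plugins_root):
    """Return a list of (slug, finding) tuples for a wp-content/plugins tree."""
    findings = []
    for slug in sorted(os.listdir(plugins_root)):
        path = os.path.join(plugins_root, slug)
        if not os.path.isdir(path):
            continue
        if slug in SUSPICIOUS_SLUGS:
            findings.append((slug, "matches rogue plugin slug from the attack; inspect and remove"))
        header = read_plugin_header(path)
        if header is None:
            findings.append((slug, "no plugin header found; unexpected directory in plugins tree"))
            continue
        version = header.get("Version", "0")
        floor = MIN_SAFE_VERSION.get(slug)
        if floor and parse_version(version) < parse_version(floor):
            findings.append((slug, f"{header['Plugin Name']} {version} is below {floor}; update now"))
    return findings


def build_sample_tree(root):
    """Construct a toy plugins directory (made-up files) for a dry run."""
    samples = {
        "gutenkit-blocks-addon/gutenkit-blocks-addon.php": ("GutenKit", "2.0.0"),
        "hunk-companion/hunk-companion.php": ("Hunk Companion", "1.3.5"),
        "up/up.php": ("up", "1.0"),
    }
    for rel, (name, version) in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(f"<?php\n/*\nPlugin Name: {name}\nVersion: {version}\n*/\n")
    os.makedirs(os.path.join(root, "stray-dir"), exist_ok=True)  # no header at all
    return root


def run_sample_audit():
    """Build the constructed tree in a temp dir, audit it, return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_plugins(build_sample_tree(tmp))


if __name__ == "__main__":
    for slug, finding in run_sample_audit():
        print(f"{slug}: {finding}")
```

Point audit_plugins() at a real wp-content/plugins directory to use it on a site. Active versus inactive status lives in the database (the active_plugins option), not on disk, so a file-based audit cannot tell a deactivated plugin from an active one; that is exactly why the advice is to delete plugins you do not use rather than merely deactivate them. On a host with WP-CLI available, `wp plugin list --update=available` and `wp plugin update --all` give the same version check against the live install.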