WordPress Panic: Plugins Gone Wild with Backdoors and Exploits!

Hunk Companion and WP Query Console plugins are like uninvited guests at a cybersecurity party—gatecrashing websites with vulnerabilities. The Hunk Companion bug CVE‑2024‑9707 lets attackers activate plugins, while WP Query Console’s flaw CVE-2024-50498 allows code execution. Update your plugins, or risk having your website become a hacker’s new home!

3P
Published: December 12, 2024 10:27 amAdded: December 12, 2024 at 2:51 amAssembled by: The Editor
Pro Dashboard

Hot Take:

In the world of WordPress, plugins are like chocolate: irresistible but sometimes hazardous to your health. It seems Hunk Companion and WP Query Console have turned into Willy Wonka’s ticking time bombs, giving hackers their golden tickets to sneak into our beloved websites. If your site is powered by these plugins, it’s high time you swapped out that chocolate for a carrot stick—security patch, that is!

Key Points:

  • Hunk Companion and WP Query Console WordPress plugins are being exploited for backdoor access.
  • The vulnerability in Hunk Companion is tracked as CVE-2024-9707 with a CVSS score of 9.8.
  • WP Query Console has a code injection flaw tracked as CVE-2024-50498, also with a CVSS score of 9.8.
  • Despite patches, many installations remain unpatched, leaving websites vulnerable.
  • Security firms report mass exploitation, with tens of thousands of attack attempts in a single day.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?