WordPress Plugins Under Siege: 2024 Vulnerabilities Leave Sites Ripe for Exploit!
Threat actors have found a way to give two popular WordPress plugins, GutenKit and Hunk Companion, a bug-induced makeover. With a combined active installation count of over 48,000, these plugins are now an open invitation for remote code execution (RCE). Wordfence has already blocked nearly 8.8 million exploitation attempts—talk about uninvited guests!

Hot Take:
Looks like WordPress plugins are having a bit of an identity crisis, trying to decide whether they’re there to help us build beautiful websites—or open a portal to the dark side for cybercriminals. GutenKit and Hunk Companion seem to have taken the “Get more installs” mantra a little too seriously, letting just about anyone install… anything. Wordfence is playing the hero, blocking millions of exploitation attempts, but it’s like trying to hold back a tsunami with a paper towel. Meanwhile, we’re all left wondering—should we keep our plugins or just go back to good old-fashioned HTML?
Key Points:
- Threat actors are exploiting three critical CVEs in two popular WordPress plugins.
- The vulnerabilities allow unauthorized installation and activation of arbitrary plugins.
- Wordfence’s bug bounty program unveiled these vulnerabilities in late 2024.
- Nearly 8.8 million exploitation attempts have been blocked by Wordfence’s firewall rules.
- Wordfence has released attacker IP addresses and domains to assist network defenders.
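The bug class behind "unauthorized installation and activation of arbitrary plugins" is usually a REST or AJAX endpoint whose authorization check is missing or effectively disabled, so any visitor can drive the plugin installer. The snippet below is an added illustration written for this post; it is not code from GutenKit, Hunk Companion, or Wordfence, and the route names, function names and the `example_allowed_plugin_slugs` option key are hypothetical. It shows the weak registration pattern beside a hardened one that checks the caller's capabilities, validates the slug, and restricts what may be installed.

```php
<?php
/**
 * Added illustration (not GutenKit or Hunk Companion code) of the general
 * "anyone can install a plugin" pattern in a WordPress REST endpoint, and
 * the hardened form. Route names and the option key are hypothetical.
 */

// --- Weak pattern: the route is reachable by any visitor to the site ---
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-weak/v1', '/install-plugin', array(
        'methods'             => 'POST',
        'callback'            => 'example_install_plugin',
        // '__return_true' means no authentication or capability is required;
        // combined with an unvalidated slug this lets anyone install and
        // activate arbitrary code on the site.
        'permission_callback' => '__return_true',
    ) );
} );

// --- Hardened pattern: capability check, slug validation, allowlist ---
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-hardened/v1', '/install-plugin', array(
        'methods'             => 'POST',
        'callback'            => 'example_install_plugin',
        'permission_callback' => 'example_can_install_plugins',
        'args'                => array(
            'slug' => array(
                'required'          => true,
                'type'              => 'string',
                'validate_callback' => 'example_validate_slug',
                'sanitize_callback' => 'sanitize_key',
            ),
        ),
    ) );
} );

function example_can_install_plugins( WP_REST_Request $request ) {
    // Cookie-authenticated REST calls only carry a user when core has verified
    // the X-WP-Nonce header; without it the request is treated as anonymous
    // and current_user_can() returns false.
    if ( ! current_user_can( 'install_plugins' ) || ! current_user_can( 'activate_plugins' ) ) {
        return new WP_Error( 'rest_forbidden', 'Insufficient capabilities.', array( 'status' => 403 ) );
    }
    return true;
}

function example_validate_slug( $value ) {
    // Accept only WordPress.org-style slugs: rejects URLs, paths and traversal.
    return is_string( $value ) && (bool) preg_match( '/^[a-z0-9-]{1,64}$/', $value );
}

function example_install_plugin( WP_REST_Request $request ) {
    $slug = $request->get_param( 'slug' );

    // Allowlist (hypothetical option key) so the endpoint cannot install
    // arbitrary plugins even when the caller is an administrator.
    $allowed = (array) get_option( 'example_allowed_plugin_slugs', array() );
    if ( ! in_array( $slug, $allowed, true ) ) {
        return new WP_Error( 'not_allowed', 'Plugin is not on the allowlist.', array( 'status' => 403 ) );
    }

    require_once ABSPATH . 'wp-admin/includes/plugin-install.php';
    require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
    require_once ABSPATH . 'wp-admin/includes/plugin.php';

    // Resolve the slug through the official repository rather than trusting a
    // caller-supplied download URL.
    $api = plugins_api( 'plugin_information', array(
        'slug'   => $slug,
        'fields' => array( 'sections' => false ),
    ) );
    if ( is_wp_error( $api ) ) {
        return $api;
    }

    $upgrader = new Plugin_Upgrader( new WP_Ajax_Upgrader_Skin() );
    $result   = $upgrader->install( $api->download_link );
    if ( is_wp_error( $result ) || ! $result ) {
        return new WP_Error( 'install_failed', 'Install failed.', array( 'status' => 500 ) );
    }

    $plugin_file = $upgrader->plugin_info();
    $activated   = activate_plugin( $plugin_file );
    if ( is_wp_error( $activated ) ) {
        return $activated;
    }

    return rest_ensure_response( array( 'installed' => $plugin_file, 'active' => true ) );
}
```

When auditing a plugin for this class of bug, the quickest check is to grep its `register_rest_route` and `wp_ajax_nopriv_` registrations for a `permission_callback` of `__return_true` (or none at all) on any route that touches the installer, the filesystem, or options; routes that install or activate code should require `install_plugins` and `activate_plugins`, not merely a logged-in user.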
