Home Security Advisory Security Advisory – Backdoor in WordPress AccessPress Plugins and Themes

Security Advisory

Security Advisory – Backdoor in WordPress AccessPress Plugins and Themes

February 7, 2022

598

Summary

A backdoor has been discovered in WordPress AccessPress Plugins and Themes which allows threat actor to access the targeted website. AccessPress plugins and themes are used to provide website functionality and design options to website administrators. Successful exploitation of this backdoor could allow an attacker to redirect users to malicious sites as well as access to the vulnerable website.

Recommendations:

Those who are using these plugins are required to scan the sites for signs of compromise by doing the following:

Check your wp-includes/vars.php file around lines 146-158. If you see a “wp_is_mobile_fix” function there with some obfuscated code, you’ve been compromised.
Query your file system for “wp_is_mobile_fix” or “wp-theme-connect” to see if there are any affected files
Replace your core WordPress files with fresh copies.
Upgrade the affected plugins and switch to a different theme.
Change the wp-admin and database passwords.

References:

https://www.bleepingcomputer.com/news/security/over-90-wordpress-themes-plugins-backdoored-in-supply-chain-attack/

Security Advisory – Backdoor in WordPress AccessPress Plugins and Themes

Summary

Recommendations:

References:

POPULAR CATEGORIES

Must Read

Microsoft Exchange Log Volume keeps increasing

Laptop shutdown suddenly

Outlook app for Windows calendar not launching

Using a single set of mouse and keyboard to work with multiple machines

Security Advisory – Multiple Microsoft products are vulnerable to the flaws patched by Microsoft

POPULAR POSTS

Unable to change time zone in Windows Server 2019

How to set Microsoft Edge home page using group policy

MS SQL Server 2016 Secondary Replica Database Status “Not Synchronizing”

POPULAR CATEGORY