WordPress plugin vulnerability led to thousands of sites hacked

Always keep your sites updated

MajorLinux - Editor-in-chief

A WordPress plugin named “tagDiv Composer” has been linked to thousands of sites being hacked.

The vulnerability is tracked as CVE-2023-3169 and has already been patched by the developers, but it is still being exploited against sites that have not updated to the latest version of the plugin.

What makes this a bigger deal is that the plugin is mandatory for two WordPress themes, Newspaper and Newsmag. These themes are available on the ThemeForest and Envato marketplaces, two popular sites for WordPress themes.

If you’d like more detailed information on how the vulnerability is exploited, Ars Technica has a great article that goes more in depth.

As always, please make sure anything you have on the web that is public-facing is updated as often as possible.

Marcus Summers is a Linux system administrator by trade. He has been working with Linux for nearly 15 years and has become a fan of open source ideals. He self identifies as a socialist and believes that the world's information should be free for all.