{"id":36995,"date":"2020-09-03T23:20:48","date_gmt":"2020-09-03T23:20:48","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/"},"modified":"2020-09-03T23:20:48","modified_gmt":"2020-09-03T23:20:48","slug":"sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/","title":{"rendered":"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin"},"content":{"rendered":"<p>A critical vulnerability in a popular WordPress plugin called WP File Manager was spotted on Tuesday and was quickly patched by the plugin&#8217;s developers.<\/p>\n<p>But the flaw, which allows arbitrary file uploads and remote code execution on WordPress websites, is already being actively exploited.<\/p>\n<p>The WPScan WordPress Vulnerability Database, alerted to the bug by Finland-based WordPress service provider <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/seravo.com\/blog\/0-day-vulnerability-in-wp-file-manager\/\">Seravo<\/a>, says that there have been <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/wpvulndb.com\/vulnerabilities\/10389\">multiple WordPress sites compromised<\/a> as a result of the zero-day hole in WP File Manager.<\/p>\n<p>According to Securi threat vetter Anthony Garand, a WP File Manager developer renamed a file during local testing of version 6.4 and then accidentally added it to the project. The file, part of an open source library called elFinder, had a .php.dist extension that got changed to .php so it would be executable.<\/p>\n<p>&#8220;This change allowed any unauthenticated user to directly access this file and execute arbitrary commands to the library, including uploading and modifying files, ultimately leaving the website vulnerable to a complete takeover,&#8221; Garand explains in a <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/blog.sucuri.net\/2020\/09\/critical-vulnerability-file-manager-affecting-700k-wordpress-websites.html\">blog post<\/a>.<\/p>\n<p>Jerome Bruandet, CEO of Thailand-based web security biz NinTechNet, also <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/blog.nintechnet.com\/critical-zero-day-vulnerability-fixed-in-wordpress-file-manager-700000-installations\/\">posted<\/a> about the bug and said he&#8217;s aware of attempts to exploit the vulnerability.<\/p>\n<p>&#8220;It is actively exploited as we&#8217;re still seeing today many attempts to exploit the vulnerability,&#8221; he said in an email to <i>The Register<\/i>. &#8220;A lot of websites were attacked but we can&#8217;t know yet how many because some users won&#8217;t notice they were hacked before several days.&#8221;<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2019\/09\/18\/shutterstock_open_door_unlocked.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"A door left unlocked and open\"><\/p>\n<h2 title=\"Remote attackers were able create their own admin accounts\">Severe vuln in WordPress plugin Profile Builder would happily hand anyone the keys to your kingdom<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2020\/02\/17\/wordpress_profile_builder_v3_1_0_vuln\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>Bruandet said the attacks were detected quickly, which has helped limit the damage, but added that the bug is critical because the vulnerable script can be accessed directly, without loading WordPress and even if the plugin has been deactivated.<\/p>\n<p>WP File Manager has more than 700,000 active installations and WordPress admins are being urged to update immediately.<\/p>\n<p>The vulnerability affects versions 6.4 through 6.8. The patch arrived in <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/plugins.trac.wordpress.org\/changeset\/2373068\/\">version 6.9<\/a>.<\/p>\n<p>&#8220;The update can be done automatically in WordPress, otherwise the user must choose to install it,&#8221; Bruandet explained. &#8220;Installing the plugin will clear the folder where the backdoor is uploaded. But hackers are also infecting some WordPress core files and adding some code to control the site from a Telegram bot.&#8221;<\/p>\n<p>He said that forcing a WordPress reinstallation from the Updates menu in the app Dashboard should purge such files. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2020\/09\/03\/wordpress_plugin_bug\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sites with WP File Manager should update ASAP \u2013 exploits in the wild A critical vulnerability in a popular WordPress plugin called WP File Manager was spotted on Tuesday and was quickly patched by the plugin&#8217;s developers.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36996,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-36995","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-03T23:20:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin\",\"datePublished\":\"2020-09-03T23:20:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/\"},\"wordCount\":420,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/\",\"name\":\"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg\",\"datePublished\":\"2020-09-03T23:20:48+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/","og_locale":"en_US","og_type":"article","og_title":"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-09-03T23:20:48+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin","datePublished":"2020-09-03T23:20:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/"},"wordCount":420,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/","url":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/","name":"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg","datePublished":"2020-09-03T23:20:48+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/sigh-another-day-another-reason-for-wordpress-users-to-get-patching-hackers-abuse-bug-in-popular-plugin\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36995","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36995"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36995\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36996"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36995"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36995"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36995"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}