Is your company's website built on WordPress?

It wouldn't be much of a surprise if that were the case. 24As the most popular platform on the web, there are tens of millions of WordPress sites out there, both personal and business.

One of the things that makes WordPress so attractive is that it's insanely easy to customize. That is because there are thousands of plugins offered by a wide range of third-party vendors and developers that can change the software or enhance its capabilities making it possible to do just about anything.

One of the more popular WordPress plugins is something called "Responsive Menu." As the name suggests, its purpose is to give administrators create W3C compliant and mobile-ready site menus. The idea here is that depending on what type of device you're browsing a website from; the menu needs to be different to display with the greatest efficiency and be responsive to the user's clicks or taps. The Responsive Menu plugin helps make that happen.

A trio of flaws found by Wordfence

Unfortunately, popular, genuinely useful plugins are often targeting by hackers. In this case, security researchers on the Wordfence Threat Intelligence team found a trio of different vulnerabilities in plugins, with some evidence that hackers knew about and had been using them in the wild to gain control over systems running the Responsive Menus plugin.

All three flaws are rated as critical and all three allow a hacker to gain complete control over a site running the plugin.

The good news is that the company behind the plugin responded quickly and patched the plugin to address the security issues. Unfortunately, that only helps users who regularly update their plugins. Based on current estimates, there are still more than 50,000 websites running an older version of the plugin that leaves them vulnerable.

My perspective

The version number you're looking for to make sure you're protected is version 4.0.4. If you're running anything before that, upgrade as soon as possible. One of the take-aways from this story is that responsibility for your website is also yours to deal with. There are myriad areas for critical exposure that are possible. Especially for the websites that include ecommerce functionality.

 

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!" ~

 

 


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter

I am also a published author and speaker on cloud computing, work@home, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.

 

Contact me if you would like me to speak to your association

Used with permission from Article Aggregator