Researchers are pointing out that hackers are still using a patched Word press vulnerability to deface the pages of millions of websites across the world, it has been reported.
According to researchers at WordFence, a Word press-owned cyber security research firm, hackers are still taking advantage of this vulnerability to successfully attack and deface the web pages of millions of websites in the world.
The vulnerability in questions, which was associated with the REST API, was patched earlier in the month when Word press released a new version of its platform called Word press version 4.7.2.
After releasing the update, Word press allowed its users some time to adopt the new changes.
However, it is reported that hackers have been taking advantage of the time that Word press has given to users to change to the new platform to carry out sustained hacking attacks against vulnerable websites.
It is said that most websites are so vulnerable to the attacks that even hackers can manage to execute remote code on them. Furthermore, reports indicate that hacker can successfully modify the page contents of websites by taking advantage of the vulnerability.
Details of eth hacking incidents related to the vulnerability show that most of the hackers behind the hacking incidents are newbie hackers who want to establish their reputations as seasoned hackers.
Another report by Succuri, a cyber security firm, indicates that about 1.5 million websites have been affected by the hacking incidents so far.
However, the firm is quick to point out that the defacement incidents are likely to end soon. According to Daniel Cid, who is the CTO of the firm, hackers who deface pages don’t get money from their work.
‘Given that hackers do not earn from defacements, it is likely that this trend is ending soon,’ he said.
Word press is yet to comment on the current developments.