|FBI Issues PSA: ISIL Defacements Exploiting WordPress Vulnerabilities : eAskme|
The FBI has reported that these defacements are being carried out by the Islamic State in the Levant (ISIL), also known as Islamic State of Iraq and al-Shams (ISIS).
Only WordPress websites are vulnerable to these exploits. Attackers are using relatively unsophisticated methods. The defacements are easy to fix, but can cause disruption to business operations.
Also See : Yoast WordPress SEO Plugin Vulnerable To Hackers
Even if it is easy to fix, still the vulnerability is a serious issue as it allow attacker to take full control over a website.
If your website got hacked, then FBI recommends you following actions:
Identify WordPress vulnerabilities using free available tools such as
Review and follow WordPress guidelines:
Update WordPress by patching vulnerable plugins:
Make sure that all plugins that you are using are of most updated version.
WordPress securing blog Sucuri said that the top 2 plugins are being exploited, GravityForms (Version < v1.8.20) and RevSlider (Version < 4.2). Only older versions of are being exploited, so if you are using latest versions then you need not to worry.
Also See : Google Provides Tips On How To Fix Hacked Sites
There have also been several attacks reported against various other plugins, including Mailpoet, Wp Symposium, FancyBox etc. Attckers are trying to exploit anything, so it`s better to have latest version of plugins to be on safe side.
If you hav eany question or suggestion, feel free to share via comments. Don`t forget to like us on fb and subscribe our newsletter to get free updates.