Many WordPress users have recently detected fraudulent activity in their WordPress installation. We also had the opportunity to look into sites that were hosted on our servers.
WordPress Team has published a security update to address the vulnerability.
If your site is affected, you can use our cPanel / Plesk >> Softaculous to upgrade your WordPress package.
Tablepress v1.4 has a CSV injection, Survey & Poll 188.8.131.52 has a SQL injection, and WP Sitemap Page 1.6.4 has a stored XSS. If you're using one of these plugins, you should either update it to the patched version or remove it from your WordPress site.
We received a message from a private Facebook group where a person had fixed the problem.
WP Automatic users, verify if your site is diverting to random URLs or not, he/she wrote. (confirmed)
https://ithemes.com/wordpress-vulnerability-report-september-2021-part-2/ (part2) Locate your plugins...
Is the Redux framework used in your theme?
I discovered that four of the sites that used Smush, Redux Framework, and WP Automatic had been hacked...
The Classic Editor is also a suspect.
Confirmed: the Redux Framework, Check if your theme or any plugins using this.
As of now, there are 25 sites infected.
Fix: If it hasn't been a long time, disable the plugin > go to the database and replace the home URL and site URL to your own. Also, change the admin email to your own.
siteurl & home are two option You Need To Change.
You can either follow it or simply try updating WordPress. We recommend that you take action as soon as possible.
Powered by WHMCompleteSolution