Earlier today I wrote about the FishPig/Magento supply chain attack, now I have come across another WordPress cyber security problem. A popular WordPress plugin is being actively exploited.
PSA: Zero-Day Vulnerability in WPGateway Actively Exploited in the Wild (wordfence.com)
The Wordfence Threat Intelligence team have warned that WordPress sites running the WPGateway premium plugin are being actively being targeted. The article above lists some of the indications of compromise.
Do you run this plugin on your WordPress website?
You don’t know!
That is where your cyber security plan comes in – if you have the “normal state” of your organisation documented, then you can quickly check if an issue will impact you and who is responsible for dealing with it. Often organisations do not know what their web designers have done for them, or what the web designer does when it comes to cyber security. It is your web site, your reputation and cyber security – you are entitled to ask!
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
WordPress Security Plugin | Wordfence
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.