The premium WordPress plugin LayerSlider, which is used in over one million sites, has been shown to be vulnerable to one of the most basic of cyber security hacks – unauthenticated SQL injection. There were tutorials at Napier University showing us how to carry out these types of hacks, it is old technology.
The recommendation to the 1M users is get the plugin patched!
Why do WordPress flaws attract so much attention?
WordPress is one of the most – if not the most – popular website package on the web. Both professional web designers and less professional web designers use it. One of the reasons it is so popular is that with a little work, anyone can alter the code or download a plug-in to customise WordPress for themselves.
These are also the reasons that make WordPress a prime target for threat actors. Hackers exploit any cyber security issues in the WordPress ecosystem as it is guaranteed to reach many thousands, if not hundreds of thousands of potential victims.
Your Takeaway
Here are a couple of articles looking at this can impact your organisation and potentially your trading reputation and why you may not have done anything about it:
How much are you relying on your web designer to protect your reputation?
Clive Catton MSc (Cyber Security) – by-line and other articles