As a follow-up to my September 4 email regarding a WordPress automatic update, I wanted to alert you all to potential malware attacks. As mentioned previously, WordPress automatically updated to version 5.5, which caused conflicts with certain plugins. Conflicts allow for vulnerabilities to arise as the plugins update security to match the new version of WordPress.
Unfortunately, there are those who take advantage of these vulnerabilities, and we’ve seen malware being inserted into several sites already. The members affected have been notified directly. This can take the form of the site not loading, redirecting to a spammy or foreign language site, additional pages being added for products or services not associated with the site, etc. WordFence, a popular security software, noted that at least 700,000 have been affected by this situation (https://www.wordfence.com/blog/2020/09/700000-wordpress-users-affected-by-zero-day-vulnerability-in-file-manager-plugin/).
The Matador team is on alert to look out for these items, and the Uptime Robot plugin sometimes catches these and alerts us as well. We are working with Kanan Web Development to quickly resolve any issues we find. In the meantime, please alert us if you notice anything suspicious happening with your website.
September 4, 2020
WordPress recently automatically updated to version 5.5, and it appears as though it’s causing conflicts with plugins as they catch up to the recent version. These conflicts are allowing vulnerabilities to manifest in plugins, which can in turn lead to spammy redirects, downed sites, things breaking on the site, etc.
If you receive an email from WordPress alerting you that something is wrong, please forward it to us immediately so we can get the Kanan developers on it. While we do monitor the sites, our tools don’t catch everything, and we’ve had instances where errors are showing on some IPs and not others. Please note that in some cases, the temporary best solution will simply be to disable whichever plugin is causing the errors. This could lead to some things that need reformatting on the site, but will at least prevent the site from being vulnerable to hackers and malware in the meantime until we find a more permanent solution.
Please reach out if you have any questions or concerns.