Malvertising Campaign targets WordPress

In this campaign, known vulnerabilities in WordPress plugins are exploited to inject malicious JavaScript into the frontends of victim sites, which causes the sites’ visitors to be redirected to potentially harmful content like malware droppers and fraud sites. Where possible, the payloads are obfuscated in an attempt to avoid detection.

The plugins currently under attack in this campaign are:

We’re relieved to report that none of our client’s sites are using any of these plugins.  Wordfence Security, which we install on most if not all of our client’s sites, blocks the exploit.  So you and your site’s visitors are all safe for now.

Posted in Exploit, Scam.