Urgent: WordPress Zero-Day Exploit Hits Hacker Forums

ThreatMon, a cyber threat analysis platform, has reported the emergence of an advertisement on a notorious hacker forum offering a Zero Day exploit for WordPress for sale.

The vendor claims that this exploit, implemented as a PHP script and designed to be used in conjunction with a WordPress plugin, is capable of uploading Shell scripts to approximately 110,000 websites and compiling a list of their URLs.

Dubbed Autoshell, the exploit is compatible with any PHP file and is listed with an initial asking price of $10,000. The vendor highlights the profitability of this offer, considering the market value of similar exploits. The script’s ability to upload files to numerous sites hints at a potentially widespread vulnerability that could significantly impact a large segment of the WordPress ecosystem.

WordPress Autoshell

The vendor specifies acceptance of payment exclusively in cryptocurrency and a refusal to accept prepayment, underscoring the illicit nature of the transaction. The cybersecurity community is vigilantly monitoring the situation, striving to identify and mitigate any vulnerabilities that the exploit may target.

The sale of such exploits poses a grave risk to website owners and users alike, as exploitation can lead to unauthorized access, data breaches, and other malicious activities.

WordPress site administrators are strongly advised to remain vigilant, promptly update their software, and monitor for any unusual activity on their sites. Additionally, employing security plugins and firewalls is recommended to mitigate the risk of exploitation.