If you are involved in the web world at all, you will inevitably come in contact with WordPress, the beautifully designed, easy-to-use content management system that is our favorite here at AndiSites. According to W3Techs, WordPress is now estimated to power 58.9% of websites that use a content management system and 25.7% of all websites.[1]
Since WordPress is the most popular CMS, hackers target low-quality implementations (including weak installations and unsupported versions), because one working attack can be reused against many sites at once. Hence the importance of making sure your WordPress website is developed and supported by skilled professionals, and that core security and plugin updates are applied regularly.
The most recent vulnerability we discovered
A new client of ours sought help from AndiSites because they were seeing errors and experiencing problems with their site.
The malicious code we discovered was most likely planted through a Gravity Forms plugin that hadn’t been updated to the latest version. We have heard of hackers gaining access through Gravity Forms in the past, and thankfully the folks at Rocketgenius (the plugin’s provider) fix those vulnerabilities as soon as they find them. Gravity Forms is included in many websites because it is a powerful, highly customizable form builder plugin that not only collects information but also integrates with many third-party services. Unfortunately, some websites do not keep up with the latest security updates and put themselves at risk of being hacked.
The actual code
Most importantly, you can’t simply search your installation for the malicious reference, because the attackers assemble it with a PHP string replace function rather than writing it out directly in the code. In this case, they used “j..q..e..u..r..y…o..r..g” as part of the string and then stripped the dots with string replace (as in the example below).
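As an added example (not the post’s own code and not the infection itself), here is a small Python scanner that statically evaluates str_replace() calls whose three arguments are all string literals and reports any decoded value that looks like a hostname, which is exactly what a plain text search for the domain would miss. The embedded PHP snippet is constructed with a placeholder domain and assumes the double-dot separator variant of the trick.

```python
import re

# One PHP string literal, single- or double-quoted, with backslash escapes allowed.
# Each literal yields two capture groups (one of them None).
_LIT = r"(?:'((?:[^'\\]|\\.)*)'|\"((?:[^\"\\]|\\.)*)\")"

# str_replace(search, replace, subject) where every argument is a literal.
# PHP function names are case-insensitive, hence re.IGNORECASE.
STR_REPLACE_RE = re.compile(
    r"\bstr_replace\s*\(\s*" + _LIT + r"\s*,\s*" + _LIT + r"\s*,\s*" + _LIT + r"\s*\)",
    re.IGNORECASE,
)

# Something that looks like a hostname: at least one dot-separated label pair.
DOMAIN_RE = re.compile(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)+\b", re.IGNORECASE)


def _unquote(single, double):
    """Pick whichever alternative matched and undo the escapes \\' \\\" and \\\\."""
    raw = single if single is not None else double
    return re.sub(r"\\(['\"\\])", r"\1", raw)


def decode_str_replace_literals(php_source):
    """Return [(line_no, decoded_string)] for every literal-only str_replace() call.

    Python's str.replace and PHP's str_replace both replace every non-overlapping
    occurrence left to right, so the decoded value matches what PHP would build.
    """
    findings = []
    for m in STR_REPLACE_RE.finditer(php_source):
        search = _unquote(m.group(1), m.group(2))
        replace = _unquote(m.group(3), m.group(4))
        subject = _unquote(m.group(5), m.group(6))
        decoded = subject.replace(search, replace) if search else subject
        line_no = php_source.count("\n", 0, m.start()) + 1
        findings.append((line_no, decoded))
    return findings


def find_hidden_hosts(php_source):
    """Only the findings whose decoded string contains a hostname-like token."""
    return [(ln, s) for ln, s in decode_str_replace_literals(php_source) if DOMAIN_RE.search(s)]


# Constructed sample in the style the post describes; the domain is a placeholder.
SAMPLE_PHP = """<?php
// constructed sample, not the real infection
$h = str_replace('..', '', 'e..x..a..m..p..l..e...c..o..m');
$src = 'http://' . $h . '/js/loader.js';
echo str_replace("a", "b", "banana");
"""

if __name__ == "__main__":
    for line_no, host in find_hidden_hosts(SAMPLE_PHP):
        print(f"line {line_no}: hidden host {host}")
```

Run it over the files of a WordPress install (for example with `pathlib.Path(...).rglob("*.php")`) and review every hit by hand; a legitimate plugin rarely needs to hide a hostname this way.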
The moral of the story
I don’t want to beat a dead horse by reminding you again about the importance of a support plan with a reputable WordPress agency, but I want to encourage you to make the security of your website a priority. Security is a vital part of every website, and at AndiSites we build security into every website we do and provide support plans that give you peace of mind post-launch.