A vulnerability in a popular WordPress plugin injects malware into your website and redirects your visitors to fraudulent websites. More than a hundred thousand websites use the plugin.

Security researcher Denis Sinegubko explains the vulnerability in a blog. He discovered the vulnerability in the plugin tagdiv composer It allows you to download layout themes for WordPress websites. It NewspaperThe theme has already been downloaded by almost 137,000 websites newsmagazine by almost another twenty thousand.

However, the vulnerability in the plugin does not give your website the look of a newspaper, quite the opposite. Hackers can exploit the vulnerability to cause a cross-site scripting error and install malicious code on websites. This is abused to redirect website visitors to fraudulent websites.

Wildfire

According to Sinegubko, the malware exploiting the vulnerability is spreading the name Balada has spread like wildfire. At least 17,000 sites are said to have already been vaccinated with a dose of Balada, more than double the number a month ago. Since 2017, there have been regular outbreaks of the malware, which has already infected more than a million websites.

Vulnerabilities in WordPress plugins are not uncommon and spread quickly due to the many blogs and websites based on WordPress. When you use WordPress, it’s important to not only keep your website updated, but also any plugins you attach to it. Update Tagdiv Composers to version 4.2 offers a solution to this vulnerability.