Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.
All compromises seem to follow a similar pattern –to load malicious code from a known threat actor– although the entry vector for all these incidents appears to be different.
Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.
When they gain access to a site, they plant a backdoor for future access and make modifications to the site’s code.
https://www.zdnet.com/article/thousands-of-wordpress-sites-backdoored-with-malicious-code/
The biggest slap in the face with this is the same thing we see with a lot of companies, WordPress has done nothing since Feb 2017. This seem all to common and yet we still wait for regulations to put this behavior in check.
How ridiculous is it that this also effects an Expedia employee portal. I wonder if their portal was antiquated from the companies early days and left unchecked. It seem s a little odd that they would use wordpress for an internal site like an employee portal.