Researchers are warning of an ongoing campaign exploiting vulnerabilities in a slew of WordPress plugins. The campaign is redirecting traffic from victims’ websites to a number of potentially harmful locations.
Impacted by the campaign is a plugin called Simple 301 Redirects – Addon – Bulk Uploader as well as several plugins made by developer NicDark (now rebranded as “Endreww”). All plugins have updates available resolving the vulnerabilities – but researchers in a Friday post warned that WordPress users should update as soon as possible to avoid attack.
“Redirect locations were a typical spread, whatever ad network is running it likely does some geolocation and tracking to decide where to send you,” said Mikey Veenstra with Wordfence told Threatpost.