Major hack this week, check your WordPress site for new accounts

This week over a million WordPress websites have been compromised, granting full website administrative access to hackers. Are you affected? What do you need to do?

WordPress security company Wordfence this week detected a large scale coordinated attack against over 1.6 million WordPress websites running exploited plugins and Epsilon Framework themes.

The hack allows for the creation of new WodPress Administrator accounts, allowing full control of your website.

If you are running any of these software versions you should update your site immediately. You should also look at your Users list for any unrecognised Administrator accounts and delete.

Here are the vulnerable plugins and versions:

And these themes:

More details on the Wordfence Blog

As always, if you need assistance or advice, drop a note to our support team or get in touch.

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on email

Want to become a WordPress super hero?

Get our top tips and guides direct to your inbox, contains 0% spam