Security researchers are warning users of popular content management system (CMS) platforms that they could be exposed to a range of cyber-threats, after uncovering 89 zero-day vulnerabilities.
A team at Comparitech decided to investigate a recent surge in web defacement attacks which appears to have bucked the long-term trend of a decline in such activity.
Monthly attacks soared from around 300,000 in July 2019 to nearly 700,000 in May 2020. Comparitech privacy advocate Paul Bischoff claimed the rise may be due to hackers staving off boredom while in lockdown.
As part of its investigation, the team uncovered 89 zero-day vulnerabilities in platforms such as WordPress, Joomla, Drupal and Opencart — and their plugins. It claimed that as many as 100,000 websites are currently running plugins vulnerable to exploitation of these bugs, and that the vast majority of which were on WordPress (78,430) and Joomla (16,360).
