WP Statistics is a WordPress plugin that is used by over 500,000 different websites. It is a popular analytics plugin which allows site administrators to learn more about who is visiting their site.
Recently, a massive security flaw was discovered in the WordPress plugin. The security flaw allowed hackers to take advantage of a cross-site scripting (XSS) Vulnerability and gaining elevated control over the website.
How can the plugin be exploited?
The XSS vulnerability occurs when the WP analytics plugin fails to verify an IP address. Hackers can take advantage of this by injecting malicious javascript which can then be executed. Through methods like these, hackers can potentially gain access to your website’s admin area and make unauthorised changed.
Is your WordPress site safe?
Recently, version 12.67 was released. This version included a patch which prevents the vulnerability from being exploited.
To check what version of WP Statistics your site is running, go to Plugins > Installed Plugins. Find WP Statistics on the list. If the version number is lower than 12.67, you will need to update the plugin to keep your website safe.
Click here to download the newest version
Protect your WordPress website against hacks and malware
In order to prevent attacks on your WordPress website, an effective security strategy is often necessary. This often includes a secure host, powerful anti-malware scanning and great support and customer service.
This is where we can help you. With our help, you can protect your website against all sorts of hacks, malware and vulnerabilities. Talk to us today to see how we can help you protect your WordPress website.
Alternatively, we can quickly fix and recover a hacked WordPress website.