WordPress is the most popular CMS with support of plugins.Plugins are used by web masters to make their WordPress based site better and more functional. But these plugins can make the website vulnerable if not properly coded. And these vulnerable plugins can be used to hack WordPress websites using these plugins.
A potential vulnerability has been found in a very popular WordPress plugin called “W3 Total Cache“. It is used to Improve site performance and user experience via caching. This plugin boasts that is has been used by many high-traffic sites like Mashable and Lockergnome. On Christmas day, a security researcher has disclosed that how a plugin misconfiguration leads to possible WordPress cms hack.
The vulnerability works on how the plugin stores the database cache. Researcher Jason disclosed that cache data is stored in public accessible directory. A malicious attack can retrieve password hashes and other database information from these public directories of WordPress.
Since cache data is stored in public accessible directory, An attacker can view these directories and can download date from these directory easily if directory listing is enable on the server. Researcher who identified the vulnerability also said, “Even with directory listing is off, cache files are by default publicly downloadable, and the key values/file names of the database cache items are easily predictable.”
As I already mentioned above that this plugin is widely used so millions of WordPress websites are vulnerable to this attack. If you are also a WordPress blogger that use W3 Total Cache plugin to boost your website, you must upgrade the plugin to a newer version and also to deny access to plugin directory by making an extra .htccess in that folder. I also advise users to use less plugins and install plugins only from trusted vendors. You must continuously upgrade plugins as soon as the update is available.