As part of preparing an upcoming enhancement to the service, we have recently been taking a look at what traffic to our website indicates as to what hackers are targeting. Through that we noticed a connection between the existence of YouTube videos on exploiting vulnerabilities and what vulnerabilities are getting exploitation attempts. In the past few days we have seen a pickup in requests for pages on our website relating to the plugin Cherry Plugin. In looking for any recent mentions of vulnerabilities in this plugin we found a YouTube video showing how to exploit an arbitrary file upload vulnerability in it and a report on that vulnerability.
As we continue looking at ways we can improve the security of WordPress plugins, one of the things we are trying is checking over plugins for which we have recently added new vulnerabilities to our data set to see if we can find any other obvious vulnerabilities. The third we have spotted is in the plugin Cherry Plugin.
One of the things that we do to keep track of the plugin vulnerabilities out there is to monitor hacking attempts on our websites. That sometimes leads us to finding what looks to be exploitation of vulnerabilities that a hacker has just discovered. In other cases it shows really old vulnerabilities that hackers are still trying to exploit. We have recently had some attempts to exploit a couple of vulnerabilities in older versions of the plugin Cherry Plugin. One was an arbitrary file upload vulnerability mentioned here and the other was an arbitrary file viewing vulnerability that we couldn’t find any prior mention of.