12 Jun 2024

At Least 10,000 WordPress Websites Still Have Exploited Versions of Icegram Express Plugin Installed

Yesterday, we detailed our findings on a SQL injection vulnerability in the WordPress plugin Icegram Express, after a hacker tried to exploit it on our website. The vulnerability was addressed enough to stop exploitation on March 28, but it hasn’t been fully fixed yet (and neither has another vulnerability). Beyond the incomplete fix, what is concerning about this situation is that so many WordPress websites still have a vulnerable version of the plugin installed.

Based on data provided by WordPress, we can get some idea of how many websites still have a vulnerable version. The active installation count for the plugin is 90,000+, which puts the total somewhere between 90,000 and 100,000 websites. WordPress also provides data on the active versions of the plugin: [Read more]

11 Jun 2024

Hacker Targeting Recently Incompletely Fixed Vulnerability in WordPress Plugin Icegram Express

Over the weekend, a hacker attempted to exploit a SQL injection vulnerability on our website that turned out to be one recently fixed in the 90,000+ install WordPress plugin Icegram Express. We don’t use the plugin, so the exploitation attempt appears to be part of an untargeted campaign to exploit it.

Upon reviewing the relevant code, we found that it still isn’t properly secured, and neither is other code that is accessed in a similar way. We have reached out to the developer about that. Based on the continued insecurity, we would recommend not using the plugin unless it receives a more thorough security review and all the issues are addressed. [Read more]