Hackers May Already be Targeting this Persistent XSS Vulnerability in Poll, Survey, Form & Quiz Maker by OpinionStage
As part of the monitoring we do to provide customers of our service with the best possible data on vulnerabilities in WordPress plugins they may be using, we watch for what look to be hackers probing for usage of plugins. Last week that monitoring turned up two plugins with unfixed vulnerabilities that hackers would likely target. With a third plugin, someone else had figured out what hackers would likely target before we did (we are making changes to our process to improve our ability to quickly spot issues like that one). Earlier today we disclosed another unfixed vulnerability based on a plugin we saw probed for yesterday. We are having to do that again, as today we saw an apparent hacker probing for usage of the plugin Poll, Survey, Form & Quiz Maker by OpinionStage by requesting these files:
- /wp-content/plugins/social-polls-by-opinionstage/readme.txt
- /wp-content/plugins/social-polls-by-opinionstage/admin/js/menu-page.js
- /wp-content/plugins/social-polls-by-opinionstage/assets/content-popup/index.js
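As an added example (not code from the original post or from the plugin), here is a small Python scan that flags clients requesting the three files listed above in a web server access log in combined format; the log lines in it are constructed, and a 404 is deliberately not filtered out, since a request for an uninstalled plugin's files is exactly what a probe looks like.

```python
import re
from collections import defaultdict

# Plugin directory whose files the post reports being probed for.
PLUGIN_DIR = "/wp-content/plugins/social-polls-by-opinionstage/"
# The three files the post lists as requested by the apparent hacker.
PROBED_FILES = {
    PLUGIN_DIR + "readme.txt",
    PLUGIN_DIR + "admin/js/menu-page.js",
    PLUGIN_DIR + "assets/content-popup/index.js",
}

# Combined log format: ip - - [time] "METHOD path HTTP/x" status size "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def parse_line(line):
    """Return (ip, method, path, status) or None when the line does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m.group("path").split("?", 1)[0]  # drop any query string (e.g. ?ver=1)
    return m.group("ip"), m.group("method"), path, int(m.group("status"))

def find_probes(lines):
    """Map each client IP to the set of probed plugin files it requested.

    The status code is intentionally ignored: a 404 means the plugin is not
    installed here, which is precisely what the requester is checking.
    """
    hits = defaultdict(set)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, _method, path, _status = parsed
        if path in PROBED_FILES:
            hits[ip].add(path)
    return dict(hits)

# Constructed sample log lines (not from the original post); IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /wp-content/plugins/social-polls-by-opinionstage/readme.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /wp-content/plugins/social-polls-by-opinionstage/admin/js/menu-page.js HTTP/1.1" 404 196 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Oct/2023:13:56:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /wp-content/plugins/social-polls-by-opinionstage/assets/content-popup/index.js?ver=1 HTTP/1.1" 404 196 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    for ip, paths in find_probes(SAMPLE_LOG).items():
        print(ip, "requested", len(paths), "of the probed plugin files")
```

A client that requests all three files in quick succession, as in the sample, is the pattern the post describes; the readme.txt request alone is the usual first sign that someone is checking whether the plugin is installed.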
In looking into what the hacker might be interested in exploiting, we first found that the code is quite insecure, and within a few minutes we found a persistent cross-site scripting (XSS) vulnerability in the current version of the plugin. It is similar to vulnerabilities that hackers have widely exploited recently and very similar to the vulnerability we mentioned earlier today. There appear to be additional vulnerabilities, so the plugin should be more thoroughly reviewed and secured before being used.