18 Sep 2019

Hackers May Already be Targeting this Persistent XSS Vulnerability in Social Metrics Tracker

As part of the monitoring we do to make sure we are providing customers of our service with the best possible data on vulnerabilities in WordPress plugins they may be using, we watch for what look to be hackers probing for usage of plugins. Last week that led us to two plugins with unfixed vulnerabilities that hackers would likely target. With a third plugin, someone else had figured out what hackers would likely target before we did (we are making changes to our process to improve our ability to quickly spot issues like that one). On Monday we disclosed a couple more unfixed vulnerabilities in plugins we saw being probed earlier this week. Today we are having to do that again, as we saw an apparent hacker probing for usage of the plugin Social Metrics Tracker by requesting these files:

  • /wp-content/plugins/social-metrics-tracker/readme.txt
  • /wp-content/plugins/social-metrics-tracker/js/social-metrics-tracker.js
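To show what spotting this kind of probing looks like on your own server, here is an added example (not code from the original post or from the plugin) that scans web-server access log lines for plugin fingerprinting requests. The log lines are constructed for the example, the IP addresses are documentation ranges, and the classification heuristic (a request for a plugin's readme.txt, or a direct fetch of a plugin asset with no Referer) is an assumption of this example rather than a description of the monitoring the post refers to. The two watched paths are the files listed above.

```python
import re
from collections import defaultdict

# Constructed sample log lines in the Apache/nginx combined format. Not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [18/Sep/2019:10:02:11 +0000] "GET /wp-content/plugins/social-metrics-tracker/readme.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0"
203.0.113.10 - - [18/Sep/2019:10:02:12 +0000] "GET /wp-content/plugins/social-metrics-tracker/js/social-metrics-tracker.js HTTP/1.1" 404 196 "-" "Mozilla/5.0"
198.51.100.7 - - [18/Sep/2019:10:05:40 +0000] "GET /wp-content/plugins/akismet/readme.txt HTTP/1.1" 200 1452 "-" "Mozilla/5.0"
198.51.100.7 - - [18/Sep/2019:10:05:41 +0000] "GET /wp-content/plugins/contact-form-7/readme.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0"
198.51.100.7 - - [18/Sep/2019:10:05:42 +0000] "GET /wp-content/plugins/social-metrics-tracker/readme.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0"
192.0.2.44 - - [18/Sep/2019:10:07:03 +0000] "GET /wp-content/plugins/social-metrics-tracker/js/social-metrics-tracker.js?ver=1.0 HTTP/1.1" 200 8820 "https://example.com/" "Mozilla/5.0"
192.0.2.44 - - [18/Sep/2019:10:07:03 +0000] "GET /2019/09/some-post/ HTTP/1.1" 200 30210 "-" "Mozilla/5.0"
"""

# Combined log format: ip, identd, user, [timestamp], "request", status, size, "referer", "user agent".
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Splits a plugin request into the plugin slug and the path inside the plugin directory.
PLUGIN_PATH_RE = re.compile(r'^/wp-content/plugins/(?P<slug>[^/?]+)/(?P<rest>[^?]*)')

# The two files named in the post; treated here as the signature to watch for.
WATCHED_PATHS = {
    "/wp-content/plugins/social-metrics-tracker/readme.txt",
    "/wp-content/plugins/social-metrics-tracker/js/social-metrics-tracker.js",
}


def parse_line(line):
    """Parse one combined-format log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def classify(entry):
    """Return the plugin slug if the request looks like a usage probe, else None.

    Heuristic (an assumption of this example): a GET for a plugin's readme.txt, or a
    direct GET of a plugin script/stylesheet with no Referer. A browser loading a page's
    assets normally sends that page as the Referer; a scanner fetching the file on its
    own usually does not.
    """
    if entry["method"] != "GET":
        return None
    m = PLUGIN_PATH_RE.match(entry["path"])
    if not m:
        return None
    slug, rest = m.group("slug"), m.group("rest")
    if rest == "readme.txt":
        return slug
    if rest.endswith((".js", ".css")) and entry["referer"] in ("", "-"):
        return slug
    return None


def find_probes(log_text):
    """Map each client IP to the sorted list of plugin slugs it appears to be probing for."""
    probed = defaultdict(set)
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        slug = classify(entry)
        if slug:
            probed[entry["ip"]].add(slug)
    return {ip: sorted(slugs) for ip, slugs in probed.items()}


def watched_hits(log_text):
    """Return (ip, path) pairs for probe-like requests to the exact files named in the post.

    A legitimate page load of the same script (with a Referer) is not counted.
    """
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None or classify(entry) is None:
            continue
        base_path = entry["path"].split("?", 1)[0]
        if base_path in WATCHED_PATHS:
            hits.append((entry["ip"], base_path))
    return hits


if __name__ == "__main__":
    for ip, slugs in find_probes(SAMPLE_LOG).items():
        print(f"{ip} probed {len(slugs)} plugin(s): {', '.join(slugs)}")
    for ip, path in watched_hits(SAMPLE_LOG):
        print(f"watched file hit: {ip} -> {path}")
```

The status code is worth reading alongside the hits: a 404 on the readme.txt means the probe missed because the plugin is not installed, while a 200 tells the scanner the plugin is present and the site should expect follow-up requests against whatever the attacker is looking to exploit.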

Like a number of the previous plugins, this one has several apparent security issues. With this one there is the possibility of a reflected cross-site scripting (XSS) vulnerability flagged by our Plugin Security Checker, but the most serious obvious vulnerability we found was a persistent cross-site scripting (XSS) vulnerability. That was an issue with some of the previous plugins, and some others had an authenticated variant of it, so that might be what hackers are looking to exploit here.