Login

Tag Archives: WP Compress

14 Feb 2025

Hacker Probing For WordPress Plugin With Many Vulnerabilities That Wordfence and Other Providers Incorrectly Claimed Were Fixed Last Year

Today we saw what appeared to be a hacker probing for usage of the WordPress plugin WP Compress on our websites. The probing was done by requesting a file from the plugin if the plugin had existed on our website, /wp-content/plugins/wp-compress-image-optimizer/readme.txt. We don’t use that plugin on that website or any of them. So what might explain a hacker’s interest in the plugin? Last year the WordPress security provider Wordfence claimed that a vulnerability had been fixed in the plugin, of a type that sounds like it could explain a hacker’s interest. Here is part of their description:

This makes it possible for authenticated attackers, with subscriber-level permissions and above, to edit plugin settings, including storing cross-site scripting, in multisite environments. [Read more]

5 Jan 2024

Hackers Relying on WordPress Security Providers’ Information to Target Vulnerabilities in WordPress Plugins

Today, we had a hacker try to exploit a vulnerability recently fixed in the WordPress plugin WP Compress on our website. In looking into that, we found another instance where it looks like hackers are relying on information coming from WordPress security providers to determine what vulnerabilities to target.

In the logging for our own firewall plugin, it showed an attack blocked for this URL, /wp-content/plugins/wp-compress-image-optimizer/fixCss.php?css=wp-content/../wp-config.php: [Read more]

13 Jun 2023

Our Proactive Monitoring Caught an Authenticated Option Update Vulnerability in WP Compress

One way we help to improve the security of WordPress plugins, not just for our customers of our service, but for everyone using them, isĀ our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught a variant of one of those vulnerabilities, an authenticated option update vulnerability in the plugin WP Compress. The vulnerability is in part caused by wider insecurity in the plugin and there are additional vulnerabilities in the plugin, so we would recommend avoiding the plugin unless the security is overhauled.

We now are also running all the code in the plugins used by our customers through that monitoring system on a weekly basis to provide additional protection for them. [Read more]