As part of monitoring we do to make sure we are providing customers of our service with the best possible data on vulnerabilities in WordPress plugins they may be using we monitor for what look to be hackers probing for usage of plugins to make sure we quickly can warn our customers of unfixed vulnerabilities that hackers are likely targeting. There seems to be an ongoing hacker campaign exploiting previously undisclosed vulnerabilities as in the past couple of weeks there have eight plugins that we have seen hackers newly probing for and number nine is WPeMatico RSS Feed Fetcher (WPeMatico), for which there was probing on our website today by requesting these files:

• /wp-content/plugins/wpematico/readme.md
• /wp-content/plugins/wpematico/readme.txt
• /wp-content/plugins/wpematico/app/js/campaign_wizard.js

In looking at the plugin we found that, like a number of the other plugins, it contains a persistent cross-site scripting (XSS) vulnerability. [Read more]