WordPress has been updated a few days ago to version 4.7.2. It was a maintenance update that fixed also hidden security holes. But another issue with REST API is still open and an exploit is available in the wild. Now thousands of WordPress sites are compromised.
Advertising
If you don't use WordPress auto update, immediately update to version 4.7.2. Last week I received a security warning from WordFence security specialists pointing to this blog post. Folks from Bleeping Computer has published the article WordPress Team Fixed a Zero-Day Behind Everyone's Back and Told No One that should alarming every WordPress administrator. Now an exploit is available in the wild and its used.
There is also a 2nd issue with the new WordPress REST-API – WordFence's security experts has already published this blog post about that issue. And now it seems that thousands of WordPress sites are hacked.
I did a Google search for string by w4l3XzY3 and found a lot hits of compromised sites. Then I received a security notification from Sucuri reporting, that also other groups are trying to actively using zero-day exploits to compromise WP sites. If you are running a WordPress firewall, you should be protected against this vulnerability (that comes within the WP core). The other solution in WordPress 4.7.2: disable REST-API (you can use the WP Disable REST API plugin to do that).
Advertising