If you run a self-hosted WordPress website, then you must Beware:"ISIS is after you."Yes, you heard right. The United States Federal Bureau of Investigation (FBI) is warning WordPress users to patch vulnerable plugins for the popular content management system before ISIS exploit them to display pro-ISIS messages.According to the FBI, ISIS sympathizers are targeting WordPress sites and the communication platforms of commercial entities, news organizations, federal/state/local governments, religious institutions, foreign governments, and a number of other domestic and international websites.Targets seem to be random: They are not linked to particular name or business.The attackers are sympathizers and supporters of ISIS (also known as ISIL), not actual members of the terrorist organization. They are mostly unskilled people and are not doing much hard work — Just leveraging known WordPress plugin flaws in commonly available hacking tools.These vulnerabilities have already been fixed by WordPress developers, but individual Website owners have failed to install the patches.Want to know the best part?The software patches for these identified WordPress vulnerabilities are available. So in order to avoid an attack on your website is pretty simple — Just update your WordPress installation and its plugins now.Most of these flaws allow hackers to gain unauthorized access, inject scripts, bypass security restrictions, and steal cookies from PCs or network servers. This lets a malicious actor install malware, tamper with data or creates new accounts with full user privileges for affected websites.
Own a WordPress Website? ISIS is After You — FBI warns