WordPress Plugin Vulnerability leads to Panama Papers leak at Mossack Fonseca?

First Forbes and others reported that the Drupalgeddon security issue in an old version of the popular Drupal CMS was a cause for the Mossack Fonseca information leak causing the massive information leak on tax evation via offshore companies.

Now WordFence is reporting that they have also found WordPress has a vulnerable plugin which as been exploited in the largest leak of confidential information to date:

The Mossack Fonseca website runs WordPress and is currently running a version of Revolution Slider that is vulnerable to attack and will grant a remote attacker a shell on the web server.

It is now certainly been proven that maintaining your open source software is equally (in not even more so) important than that of closed source ones. An open door is an invitation.

Read the full article on WordFence website: Mossack Fonseca Breach – WordPress Revolution Slider Plugin Possible Cause

Written by Janita on Friday April 8, 2016

Permalink -