Breaking news: WordPress attack


Attention merchants using WordPress, including WooCommerce merchants. The WordPress security experts at Sucuri have just broken news on a huge WordPress attack.

This attack focused on users of outdated versions of tagDiv themes and users of the popular and highly rated plugin Ultimate Member.

Here are the basic steps to protect yourself from the new WordPress attack

We recommend acting ASAP if you are using tagDiv themes, or Ultimate Member. If you are not sure, we recommend contact and we can put you in touch with a WordPress expert to help.

  • Update all themes and plugins.
  • Update and implement security procedures on ALL sites that share the same server or systems, even if they are not affected. If you do not do this you may soon be reinfected.

Here are some additional insights from the Sucuri Blog

  • “In the case of the tagDiv attack vector, the malware can be found and removed in the theme’s admin interface via. Theme panel > ADS > YOUR HEADER AD, or in the “Custom HTML” widget. Alternatively, you can work directly with the WordPress database, but be careful cleaning the serialized code.”
  • “In the case of the Ultimate Member attack vector, delete all PHP files in subdirectories under wp-content/uploads/ultimatemember/temp/ (for bonus points, disable execution of PHP files in this folder), and then remove the malicious code mentioned in this post from “header” and “jquery” files.”

You can read more here on the Sucuri blog. Be careful out there!