This week an unpatched vulnerability in WordPress was disclosed by security researcher Dawid Golunski that could potentially allow an attacker to reset admin passwords. This vulnerability impacts most versions of WordPress, including the current release 4.7.4.
Category: Shell / Information Disclosure
Trend Identified: 4/20/2017
CVE ID: N/A
Trend Name: Trend Tusayan
Vector: Application Vulnerability, Multiple
LOW: The vectors used to infect websites appear to be well-documented vulnerabilities in older versions of website platforms.
HIGH: This infection provides complete control of the target website, including credential disclosure and database contents.
HIGH: This infection provides the adversary administrator-level access to impacted website applications, making total data loss a possibility.
The SiteLock team has discovered a dangerous malware trend that not only provides website administrator level access to the bad actors involved, but exposes sensitive website credentials publicly over the internet.