WordPress websites have very recently experienced an infection without any outdated plugin or known vulnerability. In this, it is a porn spam infection. Upon investigation, it's been discovered that that the common denominator across these WordPress sites was the plugin WP Mobile Detector that had a 0-day arbitrary file upload vulnerability disclosed on May 31st by the Plugin Vulnerabilities team. The plugin has since been removed from the WordPress repository. A patch to fix this vulnerability is now available.

How This Vulnerability is Exploited

The vulnerability is quite easy to exploit and requires the attacker to simply send a request to resize.php or timthumb.php (yes, timthumb, in this case it just includes resize.php), inside the plugin directory with the backdoor URL.

This WordPress vulnerability was publicly disclosed on May 31st, however Sucuri said this vulnerability had been on since May 27 according to reports from its logs.

Read full post on author's website: https://www.todhost.com/blog/wordpress-security-wp-mobile-detector-vulnerability-fixed.html