Researchers Uncover 89 Zero-Days in CMS Platforms
Popular content management system (CMS) platforms may be vulnerable to a plethora of cyber threats, according to security researchers. Recently, a team at Comparitech investigated the recent surge in web defacement attacks, eventually leading to the discovery of 89 zero-day vulnerabilities in CMS platforms. In July 2019, there were roughly 300,000 web defacement attacks, however, this number more than doubled in May 2020, with 700,000 attacks.
In its investigation, Comparitech found zero-day vulnerabilities in CMS platforms such as Joomla, Drupal, WordPress, and Opencart, as well as their hundreds of plugins. According to Comparitech, an estimated 100,000 websites are running compromised plugins and therefore are vulnerable to the zero-day exploitations, with the majority of them on WordPress (78430).