I hope you enjoy reading this blog post.
If you want my team help you Get More Traffic More Customers More Revenue With Digital Marketing, just book a call
X
If you want my team help you Get More Traffic More Customers More Revenue With Digital Marketing, just book a call
Last updated on 15 January, 2024 by Ravi Gupta
Leveraging pop-up plugins in WordPress for promoting special deals, exclusive discounts, or time-sensitive offers, websites are driving sales or expanding their subscriber base.
If you operate a WordPress site, chances are you've developed a lasting friendship with this daily ally.
There are many WP pop-up plugins out there. Each utilizing a different approach to target and re-target potential subscribers.
On the whole, pop-ups witness a positive rating, until they are updated and secured.
In a recent targeted campaign initiated in mid-December, over 6,700 WordPress websites employing an outdated version of the Popup Builder plugin have fallen victim to the Balada Injector malware.
Researchers at Dr. Web found a big attack using known problems in WordPress themes and add-ons. They uncovered Balada Injector, a large operation since 2017, which hacked over 17,000 WordPress sites.
The attacks involve adding a backdoor that sends visitors to fake support pages, lottery sites, and push notification scams.
As an example, the new Balada Injector campaign started on December 13, 2023, just two days after WP Scan found a problem called CVE-2023-6000 in Popup Builder versions 4.2.3 and older. This problem is related to cross-site scripting (XSS).
And the concern is that over 200,000 websites have reportedly been using Popup Builder for marketing and re-marketing purposes.
Sucuri, a website security company, found that the Balada Injector swiftly took advantage of a vulnerability in Popup Builder.
First, the attack exploited the "sgpbWillOpen" event, inserting malicious JavaScript into the site's database when the popup triggered.
Attackers later used an alternate method, altering the "wp-blog-header.php" file to insert the same harmful JavaScript backdoor.
They then identified admin-related cookies to load various scripts, disguising the main backdoor as a plugin named 'wp-felody.php.'
Researchers found that once a website is breached, the infection process doesn't stop.
Currently, 6,700 websites have been compromised in the Balada Injector campaign. To protect your WordPress site from Balada injection attacks, make sure to update your themes and plugins to the latest versions.
Also, keep the number of active plugins as low as possible to reduce the risk of automated attacks.
I'm Ravi Gupta, the founder of ravi-gupta.com. Here, I teach beginners to Get More Traffic More Customers More Revenue With Digital Marketing Join Our Newsletter
10 Best HR Software for Startups in 2024
Published on 8 February, 2024
What is Affiliate Marketing? Publisher’s Best Guide to Start in 2024
Published on 31 December, 2023
How To Make Money Blogging (Your Passive Income Guide for 2024)
Published on 31 December, 2023
Keyword Research for SEO – The Ultimate Guide For Beginners (2024)
Published on 31 December, 2023
Content Creation Checklist To Boost & Viral Blog Post 2024
Published on 14 December, 2023
Published on 14 December, 2023
Get FREE access to our Book - 299+ Way make money online without investment
Get The BookJun 6, 2019 at 9:48 pm
I have installed and activated the plug-in, put it in the side bar and logged in to FB (choosing my nominated page) however none of the Review & Slider Options came up, only the Facebook details, Title, Pagination, Characters before ‘ read more’ link, Widget Width etc.
ReplyThanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.
Save my name, email, and website in this browser for the next time I comment. Notify me of followup comments via e-mail. You can also subscribe without commenting. Submit CommentJun 6, 2019 at 9:48 pm
I have installed and activated the plug-in, put it in the side bar and logged in to FB (choosing my nominated page) however none of the Review & Slider Options came up, only the Facebook details, Title, Pagination, Characters before ‘ read more’ link, Widget Width etc.
ReplyThanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.
Save my name, email, and website in this browser for the next time I comment. Notify me of followup comments via e-mail. You can also subscribe without commenting. Submit CommentMay 21, 2018 at 7:53 am
Today I learned new technic from this Blog. Thanks.
ReplyThanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.
Save my name, email, and website in this browser for the next time I comment. Notify me of followup comments via e-mail. You can also subscribe without commenting. Submit CommentThanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.
Save my name, email, and website in this browser for the next time I comment. Notify me of followup comments via e-mail. You can also subscribe without commenting. Submit Comment
I'm Ravi Gupta, the founder of ravi-gupta.com. Here, I teach beginners Get More Traffic More Customers More Revenue With Digital Marketing Join Our Newsletter
Information
Navigate
Resources
© 2018-2024 Ravi-Gupta.com - All rights reserved
