As we all know, WordPress provides people a cheap and easy route to getting a website. However, you get what you pay for with these things, and this is a classic example of that.
Zero-Day Viruses infected users through Insecure WordPress Plugin
One of WordPress’s most popular plugins, “FancyBox” had gone un-updated for nearly two years, leaving it open for attackers to inject malicious scripts into websites using the plugin. This redirected victims to “203koko” websites, infecting their computers.
This was discovered on Wednesday, February 4th. The next day, Thursday, the plugin was updated to secure it again.
However this should be a good warning to you. With a CMS like wordpress and the variety of third party plugins, you never really know if what you’re getting is secure. Going through a professional web design firm that uses its own code and CMS will generally ensure that you’re getting constantly updated and safe content.
Don’t cheap out on your website! Play it safe.
This post was sourced and paraphrased from this News360 Article.