Vulnerability: Thousands Of WordPress Sites Vulnerable Fancybox Leak

The developer of the fancybox plugin for WordPress has an emergency patch for a vulnerability that in recent days has been used to provide all kinds of WordPress sites from malicious code. On the affected sites was placed an iframe that tried to infect visitors with malware.

Fancybox for WordPress is a plugin for viewing images. With 550,000 downloads, it's a pretty popular plugin. According to security firm Sucuri that the attacks were discovered many websites through the plug-in have been hacked. On the WordPress forum complain several users that their website via the plug-in malicious code is provided. Some websites would since last Christmas through fancybox been hacked.

After discovery of the vulnerability of the plug-in was temporarily by WordPress.org team removed from their repository.Meanwhile, who is available again, where users get urgent advice currently available update to version 3.0.4 to install.Google would now block the website where the iframe pointing and where the malware is loaded.