securityonline.info 7/8/2026, 5:51:08 AM · external

MR.GREEN hits WordPress sites amid outdated PHP unpatched plugins

MR.GREEN hits WordPress sites amid outdated PHP unpatched plugins
CyberSIXT Evidence Panel Source marked as original reporting

THE report highlights critical vulnerabilities affecting WordPress due to outdated PHP versions and neglected plugins. Key findings include:

1. **Active Exploits**: Four active vulnerabilities were detected today, including those in JoomShaper and Adobe ColdFusion.

2. **End-of-Life PHP Versions**: Over 70% of surveyed WordPress sites run on unsupported PHP versions, with PHP 7.4 being the most common.

3. **Neglected Plugin Updates**: A significant number of sites lack updated plugins, exposing them to risks from known vulnerabilities. For example, only 22% of sites running Yoast SEO had the latest version.

4. **MR.GREEN Campaign**: An ongoing campaign that compromises WordPress sites and defaces them, primarily affecting those with outdated software.

5. **Recommendations for Site Owners**: Regularly update WordPress, PHP, and plugins to mitigate risks and ensure security.

View full article

Article by CyberSIXT