WordPress Security Alert: Mass Exploit Campaign Targets Arbitrary Plugin Installations

What happened and what it means for their sites

On September 25, 2024, and again on October 3, 2024, submissions were received through a Bug Bounty Program concerning Arbitrary Plugin Installation vulnerabilities in the GutenKit and Hunk Companion WordPress plugins, which have tens of thousands of active installations. These vulnerabilities could allow unauthenticated threat actors to install and activate arbitrary plugins, potentially enabling remote code execution. Wordfence Firewall has reported blocking millions of exploit attempts targeting these issues. The guidance suggests updating to GutenKit version 2.1.1 and Hunk Companion version 1.9.0 as soon as possible. Users of the Wordfence security suite received firewall rules to protect against exploits on September 27, 2024 and October 10, 2024, with protections rolled out to free users after a short delay.

In the meantime, the community is encouraged to keep an eye on official posts with full details and to ensure that backups are in place. WordPress site owners are reminded to run versions of impacted plugins that include the fixes and to maintain a routine for monitoring for suspicious plugin activity.

What their audience can do to stay safer

• Enable updates for WordPress core, themes, and plugins on a regular cadence.
• Update affected plugins to latest versions: GutenKit 2.1.1 and Hunk Companion 1.9.0.
• Keep reliable backups and test restorations to minimize downtime after a potential incident.
• Apply firewall rules and security patches provided by their security provider.
• Follow official security posts and community discussions for timely guidance.

The community’s collective approach emphasizes proactive patching and layered defense, rather than waiting for an incident to happen.

Protection and ongoing promotions from partners

The following partner offers are presented here as sponsored content to help readers discover practical tools that complement site hardening. Their presence is marked as sponsored content to reflect discovery through community sharing.

The following TestClear offers are available

• Coupon code: not provided in this article
• Special promotions: See terms of promotion
• When: Now through ongoing promotions

The following Crocs US offers are available

• Coupon code: not provided in this article
• Special promotions: See terms of promotion
• When: Now through ongoing promotions

The following Shutterstock offers are available

• Coupon code: not provided in this article
• Special promotions: See terms of promotion
• When: Now through ongoing promotions

Readers are encouraged to check the terms on each sponsor’s page and look for official “special offers” or clearance sections where relevant. The goal is to find legitimate savings while keeping their WordPress setup secure and up to date.

Top 3 ways to save at sponsor offers with this mass-exploit update

1. Look for promotions on reputable platforms that ship to their region and provide clear terms before applying any discount at checkout.
2. Plan purchases around short-term promotions to pair savings with ongoing security investments, such as plugin updates or firewall upgrades.
3. Watch for “special offers” pages on sponsor sites and compare prices on items that matter to their site’s needs, such as stock footage, design assets, or hosting add-ons.

Why these promotions from sponsors can help their readers

• Sponsored deals often run for a defined window, which can help readers budget upgrades more predictably.
• Promotions can offset costs associated with updating software and maintaining site security.
• Many sponsor offers include reputable brands and products that readers may already be considering for site upkeep.